Modern SecOps
Become an expert in next gen cyber tools.
Use the lessons I learned from hundreds of cyber professionals to catch the attackers everyone else is missing.
How to write faster Sentinel queries. KQL best practices with real world examples
All the shortcuts you need to make you a Sentinel GUI Wizard
Using the Jaccard index in KQL to find threats hidden in the patterns
How to write KQL Sentinel Summary Rules with 3 real world examples
Neurology, technology, and Sentinel Summary rules. Explaining the intuition and process of building summary rules from scratch.
Learn from my mistakes: tuning doesn't have to be awful
Parsing the same firewall log message in 4 different formats (JSON, CEF, BSD Syslog, and Syslog RFC 5424) with full KQL breakdown
How a 2011 presentation from DARPA is still relevant today
What does curiosity have to do with cybersecurity? Just a little, I promise.
Separate the bad from the worse if you want to do SecOps right
How I beat legacy data pipelines to save a SOC.