Recently, I encountered an issue while working on a project that involved onboarding on-premises Syslog data sources to Azure Sentinel through a Log Analytics Workspace. The process was designed to use an on-premises data collector server via a private endpoint and Azure Monitor Private Link Service (AMPLS). Despite having proper planning and configuration, I ran into […]
Deploy and Administer Microsoft Purview Insider Risk Management
In today’s digital world, insider threats are a growing concern. Whether intentional or accidental, employee actions can lead to data breaches and financial loss. Microsoft Purview Insider Risk Management offers tools to detect, manage, and reduce these risks. This guide covers deploying and managing Insider Risk Management to protect sensitive data and ensure compliance. Microsoft […]
Revolutionize Your Data Management with Microsoft Fabric and Purview: Unlock Seamless Integration and Enhanced Governance
The integration of Microsoft Purview and Microsoft Fabric presents a game-changing approach to managing and optimizing an organization’s data ecosystem. Microsoft Purview is a robust data governance solution designed to help businesses discover, catalog, and govern their data assets across hybrid and multi-cloud environments. It ensures that data is properly classified, secured, and accessible, providing […]
Securing Microsoft Fabric: The Friendly Guide to User Authentication & Authorization
Alright, squad, let’s talk about keeping your Microsoft Fabric setup locked down like Fort Knox! Whether you’re a pro or just vibing with cloud security, this guide’s gonna hit you with the essentials on making sure your access is tight. Let’s break it down: 🔑 User Authentication: Who Are You, Really? First up, we gotta […]
Microsoft Fabric Security Fundamentals: Architectural Overview
User Access and Interaction: Authentication and Identity Management: Handling User Requests at the Web Front End: Managing Metadata and Authorization: Back-End Capacity Platform: Secured Virtual Networks and Internet Protection: Restricted Internal Communication:
Deploying MS Sentinel Analytic Rules using Terraform
For a simple Alert Rule, the Terraform code is fairly direct and easy to understand. The documentation provides clear guidance, making it easier to implement such rules with minimal effort. However, if your goal is to deploy more sophisticated Alert Rules that go beyond the basics—especially if you want to replicate the functionality provided in […]
Are You Curious to Know the Role of AI in Cybersecurity?
As everyone is talking about this new era of AI-based security, and most leaders have started talking about it at every meeting, some people have started blindly believing that AI is the next future in the cyber world. In my opinion, as the digital landscape evolves, leveraging Artificial Intelligence in cybersecurity has become a game-changer […]
Step By Step Guide to Install Windows Server 2022 on Windows 11-PC Using VirtualBox.
To start installing Oracle VM VirtualBox, first go to the link provided: https://www.virtualbox.org/wiki/Downloads. Click on Windows hosts to install VirtualBox. Now we will be downloading the Server 2022 ISO. Go to the website link https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2022. Now scroll down to the section titled Get started for free. Click Download the ISO, and under the section Register for your free trial today fill out […]
Are your AAD logs becoming too expensive in Sentinel?
Are your AAD logs becoming too expensive in Sentinel? I have an idea about why this happens. These logs seem to be mainly designed for reporting purposes, and optimal sizing might not have been a key focus. In my experience, these logs can grow rapidly and become quite costly to maintain in Sentinel. The two […]
How to deploy Azure Sentinel
Before coming to actual deployment, there are a few prerequisites you need to take care of: Enable Azure Sentinel. Sign in to the portal, then search for and select Azure Sentinel. Choose an existing workspace or create a new one. You can run Sentinel on multiple workspaces, but the data is only stored in one of them. […]