Azure Security Basics: Log Analytics, Security Center, and Sentinel
ATT&CK techniques detected
T1078.004 Cloud Accounts
81%
“ms.portal.azure.com/#blade/microsoft_azure_monitoring_logs/demologsblade - https://docs.microsoft.com/en-us/azure/security-center/security-center-enable-data-collection - https://docs.microsoft.com/en-us/microsoft-365/ente…”
T1526 Cloud Service Discovery
42%
“> security center > pricing & settings > continuous export. here we need to enable the appropriate exported data types. at this point, we should have some initial events. next up, azure sentinel navigate to home > sentinel. click add. next up, add the workspace. once everything w…”
Summary

Jordan Drysdale // TL;DR The problem with a pentester’s perspective on defense, hunting, and security: Lab demographics versus scale. If it costs $15 bucks per month per server for me […]
The post Azure Security Basics: Log Analytics, Security Center, and Sentinel appeared first on Black Hills Information Security, Inc.