Correlating Defender for Endpoint and Global Secure Access Logs

Correlating Defender for Endpoint and Global Secure Access Logs

If you are working with Microsoft security solutions, you might have heard of the new kid on the block called Microsoft Global Secure Access. Being a blue teamer myself, I asked myself how we can use this new Secure Service Edge solution - and specifically the Internet Access logs - to make our detections better.
6 min read
MDE GSA Global Secure Access Kusto
Analyzing MDE Network Inspections

Analyzing MDE Network Inspections

What is Defender for Identity NNR, why is it important, and how can you resolve issues with it?
9 min read
MDI Defender XDR Kusto Health monitoring