Category: KQL

Defender for Cloud security alerts

The scenario You have a Windows server with a public IP-address and RDP (TCP 3389) is exposed to internet. And there is still over 3 million open TCP 3389 ports out there. Stupid right but if you are one of…

Continue Reading Defender for Cloud security alerts

Section 12 – Manage security operations – Configure and manage security monitoring solutions

AZ-500 is continuing with the following: Create and customize alert rules by using Azure Monitor Configure diagnostic logging and log retention by using Azure Monitor Monitor security logs by using Azure Monitor Create and customize alert rules in Azure Sentinel…

Continue Reading Section 12 – Manage security operations – Configure and manage security monitoring solutions