Blog

How to Deploy Anti-Ransomware Kill Switch on File Server

Login To the file server as admin. Open Server Manager and install the File server Resource Manager role if not installed. After installing Reboot the server. Once up, open powershell as admin and run the following script. # DeployCryptoBlocker.ps1 # Version: 1.1 ##### ################################ USER …

Read more

Azure Sentinel Training- Sentinel SIEM- A Complete Guide

Table of Contents Introduction What is SIEM and SOAR? What is Azure Sentinel? Azure Sentinel Pricing Log Analytics and Azure Sentinel Overview Deep Dive and Deployment Workspace Data Connectors Analytics Rules Hunting Rules Workbooks Automation Threat Intelligence Entity Behavior Extra Sources of Information 1. Introduction …

Read more

How to Track Active Directory Account and Group Membership Changes?

Audit Active Directory Account and Group Membership Changes To Azure Sentinel Currently Microsoft Azure Sentinel does not ingest Active Directory User Account and Group Membership changes and audit.  The recent connector “Security Events” is built in to ingest event id’s for the above mentioned activities, …

Read more