A New Era of Security

Cyberattacks are now more common than ever. These attacks have ability to reach a global scale and result in harm and losses on a huge scale towards an individual as well as a business.

It has become more crucial than ever to be self-aware and protected from as many threats as we can.

On this website I share my journey as a Cybersecurity Consultant and my findings. Stay Tuned for more stuff and enjoy your time being here. Hope you find these things useful.

checkout blogs and findings

Security Audits

Security Audits are really necessary as they help us identity our biggest anomalies and play a crucial role in making company more secure and protecting them from unknown risks.

SIEM and SOAR Solution

In today’s world where there is abundance of data and incidents happening every minute, a SIEM and a SOAR solution are really important to be able to effectively and effeciently deal against Cyber-Threats. An Example of such solution is Microsoft Azure Sentinel. Check out my Blogs for more information on Azure Sentinel as a SIEM.

Threat Intelligence & Hunting

Organizations all around the world spend millions of dollars on Cybersecurity. Lots of Threat Intelligence is released by such organizations and it has become dominant to have those feeds in our environment to make sure they are blocked of. Check out below for such threat intellifence feeds in my findings.

About

Samant Jaitli

Samant is a Microsoft Security Consultant currently working at Softlanding in Vancouver, Ca. Microsoft Certified DevOPS Engineer and Microsoft Certified O365 Enterprise Administrator Expert. Carry extensive experience working with Microsoft Security Stack with clients ranging from small to large scale. Proficient in deploying, managing, tuning and analysing Microsoft Azure Sentinel as a SIEM and a SOAR, Microsoft Defender ATP, Azure ATP and Microsoft Cloud App Security.

Built and created automations around deploying and managing of infrastructure, security, cloud with powershell, python, java script and REST API.

Following are the Certifications:

microsoft365-enterprise-adminstrator-expert-600x600

microsoft365-security-administrator-associate-600x600

azure-security-engineer-associate600x600

What to do when an Incident occurs?

The 6 stages for an Incident Response plan are: Preparation, Identificiation, Containment, Eradication, Recovery and Lessons Learned.

Get to know more

"There are only two types of companies: those that have been hacked, and those that will be"

– Robert Muelier

FBI Director, 2012

Approach

Our Approach to Security and Blogs

How to Deploy Anti-Ransomware Kill Switch on File Server

by SAMANT JAITLI | Aug 5, 2021 | active directory

Login To the file server as admin. Open Server Manager and install the File server Resource Manager role if not installed. After installing Reboot the server. Once up, open powershell as admin and run the following script. # DeployCryptoBlocker.ps1 # Version: 1.1...

Azure Sentinel Training- Sentinel SIEM- A Complete Guide

by SAMANT JAITLI | Mar 22, 2021 | azure sentinel

Table of Contents Introduction What is SIEM and SOAR? What is Azure Sentinel? Azure Sentinel Pricing Log Analytics and Azure Sentinel Overview Deep Dive and Deployment Workspace Data Connectors Analytics Rules Hunting Rules Workbooks Automation Threat Intelligence...

How to Track Active Directory Account and Group Membership Changes?

by SAMANT JAITLI | Feb 23, 2021 | azure sentinel

Audit Active Directory Account and Group Membership Changes To Azure Sentinel Currently Microsoft Azure Sentinel does not ingest Active Directory User Account and Group Membership changes and audit. The recent connector “Security Events” is built in to ingest...