Its Security Day with Mike

Explore the latest in technology and cybersecurity with insightful blog posts, expert tips, and in-depth analysis. Stay informed, stay secure!

Category: Sentinel

  • Mastering SecOps: Destroy Response Time with Sentinel Playbooks

    Mastering SecOps: Destroy Response Time with Sentinel Playbooks

    Mike Taylor

    , ,

    Welcome back to Mastering SecOps, a five-part blog series designed to help you fully operationalize Microsoft Sentinel with tools like Sentinel Playbooks. In our last post, we focused on strengthening detection using MITRE ATT&CK and UEBA. Today, let’s dive into a key part of any modern SOC: automation and alert enrichment, enabled by Sentinel Playbooks.… Read more

  • Enhancing SecOps: Unlock Smarter Detections with MITRE ATT&CK and UEBA

    Enhancing SecOps: Unlock Smarter Detections with MITRE ATT&CK and UEBA

    Mike Taylor

    ,

    Improve Microsoft Sentinel detection by combining MITRE ATT&CK and UEBA. Learn how to map detection rules and use behavior analytics for better security alerts. Read more

  • 💡Security Copilot Cost Optimization: Save Big, Defend Better

    💡Security Copilot Cost Optimization: Save Big, Defend Better

    Mike Taylor

    , , , , ,

    Security Copilot is transforming how security teams operate—streamlining incident response, enhancing threat hunting, and accelerating triage. Effective Security Copilot Optimization is essential, as costs can escalate quickly if not managed wisely. The good news? You don’t have to sacrifice capability to stay within budget. Here are practical, proven strategies to help you get the most out of… Read more

  • 🧠 Security Copilot Agents: How They Work to Amplify Security

    🧠 Security Copilot Agents: How They Work to Amplify Security

    Mike Taylor

    , , ,

    Security Copilot by Microsoft is ushering in a new era of AI-assisted security operations. Whether you’re a SOC analyst overwhelmed with alerts or a security leader looking to maximize efficiency, Security Copilot provides a unified AI interface that acts like a trusted co-pilot. At the core of this AI-driven experience are security copilot agents—modular, intelligent… Read more

  • How to Create Custom Sentinel Analytic Rules

    How to Create Custom Sentinel Analytic Rules

    Mike Taylor

    ,

    By Mike – Security Day Blog – This post will explain the importance of developing Sentinel rules for modern security systems. 👋 Introduction: Sentinel Rule Building Can Be Tough—Here’s How I Make It Easier Let’s be real—building custom detection rules isn’t always easy. There are days when everything clicks and the logic comes together fast.… Read more

  • Exploit SIEM Synergy: Supercharge Azure Sentinel Now

    Exploit SIEM Synergy: Supercharge Azure Sentinel Now

    Mike Taylor

    ,

    Introduction In today’s sprawling security ecosystems, many organizations run parallel SIEMs. They use a legacy platform to handle traditional infrastructure. Alongside this, they use Microsoft Sentinel to watch cloud-native workloads. The challenge? Making these systems talk to each other effectively. This post shows how to ingest alerts from third-party SIEM platforms into Microsoft Sentinel. More… Read more

  • The Unfiltered Truth: How to Slash Sentinel Costs by Curating Log Chaos

    The Unfiltered Truth: How to Slash Sentinel Costs by Curating Log Chaos

    Mike Taylor

    Drowning in logs? You’re not alone. When on-premise systems spew unfiltered telemetry into Microsoft Sentinel, you end up with bloated dashboards, noisy detections, and a hemorrhaging Azure bill. This guide is your antidote: a meticulous blueprint for curating log data — turning a chaotic flood into a lean, incisive signal stream that tells a story… Read more

  • Demystifying Uncommon Log Sources into Microsoft Sentinel: What You Need to Know (with Real Client Examples + Code)

    Demystifying Uncommon Log Sources into Microsoft Sentinel: What You Need to Know (with Real Client Examples + Code)

    Mike Taylor

    Microsoft Sentinel provides native connectors for many popular services. However, when your environment includes custom-built applications, legacy systems, or niche appliances, you’ll often need to step outside of the out-of-the-box options. Ingesting uncommon log sources is essential for achieving complete visibility across your environment. Fortunately, with the right approach, it’s absolutely achievable. In this post,… Read more

  • Why Microsoft Sentinel Complements Your Current SIEM

    Why Microsoft Sentinel Complements Your Current SIEM

    Mike Taylor

    ,

    Client Security teams often ask me the same question when Microsoft Sentinel comes up: “Why would we use Sentinel? We already have a SIEM.” It’s a fair question—especially if your current SIEM has been in place for years, integrated into your workflows, and tuned to your environment. But here’s the critical truth: Microsoft Sentinel isn’t… Read more

  • What to Focus on First with Microsoft Sentinel

    What to Focus on First with Microsoft Sentinel

    Mike Taylor

    ,

    Mike! Mike! Mike! What day is it? Its Security with Mike! One of the most critical components of any security organization is a functional SIEM—one that delivers the visibility, threat detection, and response capabilities your organization needs. Without proper planning, a SIEM can quickly become a costly, ineffective log repository instead of a powerful security… Read more