Its Security Day with Mike

Explore the latest in technology and cybersecurity with insightful blog posts, expert tips, and in-depth analysis. Stay informed, stay secure!

Category: SIEM

  • Mastering SecOps: Destroy Response Time with Sentinel Playbooks

    Mastering SecOps: Destroy Response Time with Sentinel Playbooks

    Mike Taylor

    , ,

    Welcome back to Mastering SecOps, a five-part blog series designed to help you fully operationalize Microsoft Sentinel with tools like Sentinel Playbooks. In our last post, we focused on strengthening detection using MITRE ATT&CK and UEBA. Today, let’s dive into a key part of any modern SOC: automation and alert enrichment, enabled by Sentinel Playbooks.… Read more

  • Enhancing SecOps: Unlock Smarter Detections with MITRE ATT&CK and UEBA

    Enhancing SecOps: Unlock Smarter Detections with MITRE ATT&CK and UEBA

    Mike Taylor

    ,

    Improve Microsoft Sentinel detection by combining MITRE ATT&CK and UEBA. Learn how to map detection rules and use behavior analytics for better security alerts. Read more

  • 💡Security Copilot Cost Optimization: Save Big, Defend Better

    💡Security Copilot Cost Optimization: Save Big, Defend Better

    Mike Taylor

    , , , , ,

    Security Copilot is transforming how security teams operate—streamlining incident response, enhancing threat hunting, and accelerating triage. Effective Security Copilot Optimization is essential, as costs can escalate quickly if not managed wisely. The good news? You don’t have to sacrifice capability to stay within budget. Here are practical, proven strategies to help you get the most out of… Read more

  • How to Create Custom Sentinel Analytic Rules

    How to Create Custom Sentinel Analytic Rules

    Mike Taylor

    ,

    By Mike – Security Day Blog – This post will explain the importance of developing Sentinel rules for modern security systems. 👋 Introduction: Sentinel Rule Building Can Be Tough—Here’s How I Make It Easier Let’s be real—building custom detection rules isn’t always easy. There are days when everything clicks and the logic comes together fast.… Read more

  • Exploit SIEM Synergy: Supercharge Azure Sentinel Now

    Exploit SIEM Synergy: Supercharge Azure Sentinel Now

    Mike Taylor

    ,

    Introduction In today’s sprawling security ecosystems, many organizations run parallel SIEMs. They use a legacy platform to handle traditional infrastructure. Alongside this, they use Microsoft Sentinel to watch cloud-native workloads. The challenge? Making these systems talk to each other effectively. This post shows how to ingest alerts from third-party SIEM platforms into Microsoft Sentinel. More… Read more

  • Why Microsoft Sentinel Complements Your Current SIEM

    Why Microsoft Sentinel Complements Your Current SIEM

    Mike Taylor

    ,

    Client Security teams often ask me the same question when Microsoft Sentinel comes up: “Why would we use Sentinel? We already have a SIEM.” It’s a fair question—especially if your current SIEM has been in place for years, integrated into your workflows, and tuned to your environment. But here’s the critical truth: Microsoft Sentinel isn’t… Read more

  • What to Focus on First with Microsoft Sentinel

    What to Focus on First with Microsoft Sentinel

    Mike Taylor

    ,

    Mike! Mike! Mike! What day is it? Its Security with Mike! One of the most critical components of any security organization is a functional SIEM—one that delivers the visibility, threat detection, and response capabilities your organization needs. Without proper planning, a SIEM can quickly become a costly, ineffective log repository instead of a powerful security… Read more