Tag: Cloud Security
-
Reflecting on the Journey Since 2025 with Security Day with Mike: Thank you!

As we close another chapter and look back to when It’s Security Day with Mike! first launched in 2025, I want to take a moment to say Thank You! This blog started with a simple goal: translate complex Microsoft security capabilities into practical, real-world guidance for technical leaders and practitioners. What it’s grown into…
-
Microsoft Ignite 2025 Security Announcements: What Technical Leaders Need to Know

Microsoft Ignite 2025 introduced a major shift in enterprise security, focusing on AI governance, identity-centric protection, and autonomous security operations. This post breaks down the most important Microsoft security announcements and what CISOs, Security Architects, and technical leaders need to know.
-
Simple Syslog Ingestion with Microsoft Sentinel Data Lake

Learn how to easily connect your Syslog collector VM, configure a Data Collection Rule, and validate real-time log ingestion into Microsoft Sentinel Data Lake. This step-by-step guide helps you streamline Syslog ingestion for scalable and cost-efficient security analytics.
-
How To Confidently Create Microsoft Sentinel data lake Custom Tables for Security Analytics

Learn how to confidently create custom tables in Microsoft Sentinel Data Lake using the Azure CLI. This step-by-step guide walks you through setup, schema verification, and switching your table to the Data Lake tier for cost-efficient, scalable security analytics management. Perfect for modern SOC and cloud security teams.
-
The Proven Way Sentinel Data Lake Slashes Cost

Introduction: Security teams have long faced a tough challenge: balancing visibility with cost. A year ago, many organizations hesitated to adopt Microsoft Sentinel because of the high cost of the Analytics tier, forcing them to strip data down to the bare minimum. Microsoft listened. The Sentinel Data Lake tier is the proven way to slash…
-
Microsoft Sentinel MCP: Unleash Explosive AI-Powered Security Operations

Discover how Microsoft Sentinel’s Model Context Protocol (MCP) bridges AI agents and enterprise security data. Learn how MCP enables natural language queries, automates SOC workflows, and integrates with the Sentinel Security Data Lake for faster, smarter threat detection.
-
Unlocking Scalable Security Analytics: Bolster Sentinel Data Governance

Introduction: Throughout this series, we’ve explored how Microsoft Sentinel evolves to meet modern security analytics needs—from onboarding and cost optimization to advanced KQL automation and notebook-based data science. One of the key components in this ecosystem is the Sentinel Data Lake, which plays a crucial role in storing and managing security data efficiently. In this…
-
Unlocking Scalable Security Analytics: Explode Threat Analysis in Sentinel Notebooks

Take your investigations to the next level with Sentinel Notebooks. Learn how to explode threat analysis workflows using Python, Spark, and machine learning in Microsoft Sentinel Data Lake — turning data into faster, smarter insights.
-
Unlocking Scalable Security Analytics: Expose Sentinel Data Lake Notebooks

Discover how notebooks in Microsoft Sentinel Data Lake bring together KQL, Python, and data science to transform security investigations. Learn what they are, why they matter, and what you need to get started before diving deeper into advanced use cases.
-
Unlocking Scalable Security Analytics: How to Automate KQL Jobs in Sentinel Data Lake

Introduction: In Part 4 of this series, we focused on optimizing KQL queries in Microsoft Sentinel Data Lake. Optimized queries are powerful for investigations, but sometimes you need to automate and repeat them. That’s where KQL jobs come in. A KQL job allows you to run scheduled queries across Sentinel Data Lake, store the results…