Tag: logging
-
Mastering SecOps: Drive Better SOC Decisions Today

Welcome back to Mastering SecOps, a five-part blog series built to help you mature your Microsoft Sentinel environment with confidence. So far, we’ve explored smart detection with MITRE ATT&CK and UEBA, and how to eliminate response delays with Sentinel Playbooks and Threat Intelligence. Now, we’ll focus on how to leverage Sentinel Workbooks to visualize …
-
Exploit SIEM Synergy: Supercharge Azure Sentinel Now

In today’s sprawling security ecosystems, many organizations run parallel SIEMs. They use a legacy platform to handle traditional infrastructure. Alongside this, they use Microsoft Sentinel to watch cloud-native workloads. The challenge? Making these systems talk to each other effectively. This post shows how to ingest alerts from third-party SIEM platforms into Microsoft Sentinel. More …
-
The Unfiltered Truth: How to Slash Sentinel Costs by Curating Log Chaos

Drowning in logs? You’re not alone. When on-premises systems spew unfiltered telemetry into Microsoft Sentinel, you end up with bloated dashboards, noisy detections, and a hemorrhaging Azure bill. This guide is your antidote: a meticulous blueprint for curating log data — turning a chaotic flood into a lean, incisive signal stream that tells a story …
-
Demystifying Uncommon Log Sources into Microsoft Sentinel: What You Need to Know (with Real Client Examples + Code)

Microsoft Sentinel provides native connectors for many popular services. However, when your environment includes custom-built applications, legacy systems, or niche appliances, you’ll often need to step outside of the out-of-the-box options. Ingesting uncommon log sources is essential for achieving complete visibility across your environment. Fortunately, with the right approach, it’s absolutely achievable. In this post, …
-
Why Microsoft Sentinel Complements Your Current SIEM

Client security teams often ask me the same question when Microsoft Sentinel comes up: “Why would we use Sentinel? We already have a SIEM.” It’s a fair question—especially if your current SIEM has been in place for years, integrated into your workflows, and tuned to your environment. But here’s the critical truth: Microsoft Sentinel isn’t …
-
What to Focus on First with Microsoft Sentinel

Mike! Mike! Mike! What day is it? It’s Security with Mike! One of the most critical components of any security organization is a functional SIEM—one that delivers the visibility, threat detection, and response capabilities your organization needs. Without proper planning, a SIEM can quickly become a costly, ineffective log repository instead of a powerful security …