This blogpost is about a real-world use case where we will explain almost all Azure Sentinel functions. Because we want this blog to have real-world data for every reader to reproduce, we start with the setup of our honeypot (a honeypot is a system intended to mimic a target of cyberattacks to detect unauthorized access) … Continued
The purpose of this blog is to explain the difference between ‘brute force’ and ‘password spray’ attacks with real-world data and visualization via the Azure Sentinel Logs (e.g., Hunting) and Workbooks feature. Brute force attack A brute password attack uses multiple passwords (automated via a password file, for example) to attack one user account. … Continued
A boost for InSpark’s unique Azure-Powered Cloud SOC We are extremely proud to announce that InSpark has been accepted as a member of the Microsoft Intelligent Security Association (MISA). As a MISA partner, we are even better able to help organizations combat increasingly advanced cyberattacks. The Microsoft Intelligent Security Association is a … Continued
A boost for InSpark’s Microsoft Azure-Powered Cloud SOC We are very proud to announce that InSpark has joined the Microsoft Intelligent Security Association (MISA). As a member of MISA we are even more able to help organizations fight off increasingly sophisticated cyber attacks. The Microsoft Intelligent Security Association is an ecosystem of independent software vendors … Continued
At InSpark, we use Azure Sentinel (Microsoft’s Cloud Security Information & Event Management (SIEM) solution) to help keep our customers safe. Azure Sentinel is a relatively new Microsoft tool. In this article, we will elaborate on its functionalities and illustrate these with real-world examples from our Cloud-native Security Operations Center (SOC). In our SOC, we … Continued