Understanding Azure Sentinel + KQL | Matt Zorich on Cloud Conversations | Ep 43

Cloud Conversations - A podcast by Azure, Peter, Femke, Ru, and Kat

Matt Zorich is a Principal Cyber Security Operations Specialist who runs the Learn Sentinel blog and is currently taking followers through the '365 days of KQL' hashtag on Twitter. He's a KQL guru and is sharing his wisdom with the community in a big way. He joins Ru and Pete in this episode to talk about:

• How 365 days of KQL started
• What makes Sentinel so valuable
• Do you need Sentinel if you have Microsoft 365 Defender with advanced hunting?
• Recommendations for folks getting into Sentinel / KQL - advice, lessons learned, etc.
• The gateway/path from "normal" IT to security specialist?

Connect with Matt online:
Twitter: https://twitter.com/reprise_99
LinkedIn: https://www.linkedin.com/in/matthewzorich
Blog: https://learnsentinel.blog/blog
GitHub: https://github.com/reprise99

Follow us on Twitter:
Azure: https://twitter.com/amac_ncheese
Kat: https://twitter.com/GreenanKat
Pete: https://twitter.com/M365Rising
Ru: https://twitter.com/rucam365
The show: https://twitter.com/CloudCons365

Connect with us on LinkedIn:
Azure: https://www.linkedin.com/in/azuremcfarlane
Kat: https://www.linkedin.com/in/kat-greenan-ba212a18
Pete: https://www.linkedin.com/in/peterrising
Ru: https://www.linkedin.com/in/rlcam

Check out our blogs:
Azure:
Kat: https://collabwithkat.com
Pete: https://www.peterrising.co.uk
Ru: https://campbell.scot

Buy Pete's books!
MS-500 Exam Guide (UK): https://www.amazon.co.uk/dp/1838983120
MS-700 Exam Guide (UK): https://www.amazon.co.uk/dp/1801071004
MS-500 Exam Guide (USA): https://www.amazon.com/dp/1838983120
MS-700 Exam Guide (USA): https://www.amazon.com/dp/1801071004