List Automatically Closed Incidents
Description: This KQL query lists the incidents that are automatically closed by Microsoft Defender XDR. It is good practice to
Where Every Failure Becomes A Manual
So, you’re finally convinced to scratch the itch and turn that old laptop into something more than just a coffee
Description: This KQL query detects successful sign-ins from countries that have not been seen before. Depending on where you run
In today’s digital age, children are growing up surrounded by technology, making online safety a crucial concern for parents and
PowerShell commands can be encoded to obfuscate what has been executed. An attacker can choose encoding to hide
In my last article, I delved into the benefits of starting a homelab, but now I want to get personal
This Threat Hunting case is based on the DeviceNetworkEvents table. The goal is to find malicious HTTP traffic. Step 1:
In a world where technology plays an increasingly central role in our lives, the idea of creating a homelab—a personalized
Greetings, fellow tech aficionados and digital nomads! Today, I’m thrilled to dive into the electrifying world of homelabbing—a haven for