Wednesday, June 10, 2026

Build+Break+Secure

Where Every Failure Becomes A Manual

BUILD
- Microsoft Power Automate
  - Microsoft Teams
  - SentinelOne
- Microsoft PowerShell
  - Scripts
BREAK
- Common Vulnerabilities and Exposures
- Kusto Query Language
  - Microsoft Sentinel
  - Zscaler
SECURE
- Active Directory
  - Hardening
- Kusto Query Language

Build+Break+Secure

Where Every Failure Becomes A Manual

BUILD
- Microsoft Power Automate
  - Microsoft Teams
  - SentinelOne
- Microsoft PowerShell
  - Scripts
BREAK
- Common Vulnerabilities and Exposures
- Kusto Query Language
  - Microsoft Sentinel
  - Zscaler
SECURE
- Active Directory
  - Hardening
- Kusto Query Language

Zscaler

April 16, 2026 Wayne Andes 42 Views 0 Comments 1 min read

Improper Signature Verification in Zscaler SAML Authentication

CVE-2025-54982 April 15, 2026 If you’ve ever trusted SAML implicitly because “it’s enterprise, it’s secure,” this vulnerability is your gentle

+ BREAK Common Vulnerabilities and Exposures Zscaler

April 1, 2026 Wayne Andes 45 Views 0 Comments 1 min read

Traffic Inspection Bypass via Client Connector Misconfiguration

CVE-2026-22569 March 31, 2026 Now this one is sneaky. CVE-2026-22569 involves a startup configuration issue in Zscaler Client Connector for

+ BREAK Common Vulnerabilities and Exposures Zscaler

February 24, 2026 Wayne Andes 48 Views 0 Comments 1 min read

Improper Input Validation in ZIA Admin UI

CVE-2026-22567 February 23, 2026 You know how input validation is one of those “we learned this in year one” concepts?

+ BREAK Common Vulnerabilities and Exposures Zscaler

February 24, 2026 Wayne Andes 43 Views 0 Comments 1 min read

ZIA Admin UI Information Disclosure

CVE-2026-22568 February 23, 2026 This one doesn’t scream chaos at first glance, but don’t underestimate information disclosure vulnerabilities. CVE-2026-22568 allows

+ BREAK Kusto Query Language Microsoft Sentinel Zscaler

January 29, 2025 Wayne Andes 827 Views 8 min read

Troubleshooting Data Ingestion Lag in Microsoft Sentinel from Zscaler Logs

In the ever-evolving landscape of cybersecurity monitoring, timely and accurate log ingestion is king. Recently, a curious case of data

+ SECURE Kusto Query Language Microsoft Sentinel Microsoft Teams Zscaler

January 28, 2025 Wayne Andes 997 Views 4 min read

Detect Microsoft Teams Large Data Transfer Using KQL

This KQL query detects unusually large Microsoft Teams data transfers by analyzing Zscaler logs for traffic exceeding 50GB within a

+ SECURE Kusto Query Language Microsoft Sentinel Microsoft Teams Zscaler

January 27, 2025 Wayne Andes 939 Views 3 min read

Detect Microsoft Teams Large Data Transfer Using KQL

This article covers a Kusto Query Language (KQL) script designed to detect large data transfers involving Microsoft Teams traffic as

Topics To Explore

+ BLOG + BREAK + BUILD + NEWS + SECURE Active Directory Azure Logic Apps Common Vulnerabilities and Exposures Fortinet Homelab Kusto Query Language Microsoft Copilot Microsoft Defender for Endpoint Microsoft Defender XDR Microsoft Power Automate Microsoft PowerShell Microsoft Sentinel Microsoft Teams Microsoft Windows Microsoft Windows Server Netskope SentinelOne Symantec Endpoint Protection VMware Carbon Black Zscaler

Recent BUILD Posts

Streamline SentinelOne Endpoint Scans with Power AutomateJune 2, 2025
Automate SentinelOne Incident Alerts to Microsoft Teams with Power AutomateJune 2, 2025
Get Started On Microsoft Power AutomateMay 26, 2025
PowerShell Finds Its Voice: Talking Scripts Are Now a ThingJuly 7, 2023

Recent BREAK Posts

Microsoft 365 Copilot Command Injection VulnerabilityMay 13, 2026
Azure Logic Apps Elevation of Privilege VulnerabilityMay 13, 2026
Copilot Chat Command Injection Vulnerability (Microsoft Edge)May 8, 2026
Microsoft 365 Copilot Injection VulnerabilityMay 8, 2026
Microsoft 365 Copilot Business Chat Information DisclosureMay 8, 2026

Recent SECURE Posts

Detect QR Code-Based Phishing with KQL in Microsoft Defender XDRFebruary 10, 2025
Monitor Active CISA Exploited CVEs Using This KQL QueryFebruary 3, 2025
Detect Microsoft Teams Large Data Transfer Using KQLJanuary 28, 2025
Detect Microsoft Teams Large Data Transfer Using KQLJanuary 27, 2025
List Untrusted SSH File Transfer Protocol Connection Not Blocked By Symantec Endpoint ProtectionJanuary 22, 2025

Manage Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options
Manage services
Manage {vendor_count} vendors
Read more about these purposes

View preferences

{title}
{title}
{title}