Monday, July 7, 2025

Build+Break+Secure

Where Every Failure Becomes A Manual

  • BUILD
    • Microsoft Power Automate
      • Microsoft Teams
      • SentinelOne
    • Microsoft PowerShell
      • Scripts
  • BREAK
    • Kusto Query Language
      • Microsoft Sentinel
      • Zscaler
  • SECURE
    • Active Directory
      • Hardening
    • Kusto Query Language
      • Fortinet
      • Microsoft Defender for Endpoint
      • Microsoft Defender XDR
      • Microsoft PowerShell
      • Microsoft Sentinel
      • Microsoft Teams
      • Symantec Endpoint Protection
      • VMware Carbon Black
      • Zscaler

+ BLOG, Microsoft Power Automate

Automate Security Operations with Microsoft Power Automate

May 31, 2025 Wayne Andes

+ BLOG, Microsoft Windows Server

Harden Windows Server 2025: Baseline Settings You Need to Know

February 7, 2025 Wayne Andes

+ BLOG, Microsoft Windows

Windows 11 24H2 GPO Security Changes Explained

October 4, 2024 Wayne Andes

+ BLOG, Microsoft Sentinel

Determining the Right Time to Implement Microsoft Sentinel

April 5, 2024 Wayne Andes

+ BLOG, + BREAK

What is BREAK?

April 1, 2024 Wayne Andes

+ BLOG, Homelab

Crafting Your Cyber Domain without Breaking the Bank!

March 6, 2024 Wayne Andes

+ BLOG, Homelab

Safeguarding Our Children’s Online Presence (A Guide to Homelab Protection)

February 28, 2024 Wayne Andes

+ BLOG, Homelab

Why I Started A Homelab

February 20, 2024 Wayne Andes

+ BLOG, Homelab

Why Start A Homelab?

February 16, 2024 Wayne Andes

+ BLOG, Homelab

What Is A Homelab?

February 14, 2024 Wayne Andes

BUILD Spotlight

+ BUILD, Microsoft Power Automate, Microsoft Teams, SentinelOne

Streamline SentinelOne Endpoint Scans with Power Automate

June 2, 2025 Wayne Andes

Automating SentinelOne disk scans with Power Automate helps security teams execute regular endpoint security scans while keeping everyone in the

BREAK Spotlight

+ BREAK, Kusto Query Language, Microsoft Sentinel, Zscaler

Troubleshooting Data Ingestion Lag in Microsoft Sentinel from Zscaler Logs

January 29, 2025 Wayne Andes

In the ever-evolving landscape of cybersecurity monitoring, timely and accurate log ingestion is king. Recently, a curious case of data

SECURE Spotlight

+ SECURE, Kusto Query Language, Microsoft Defender XDR, Microsoft Sentinel

Detect QR Code-Based Phishing with KQL in Microsoft Defender XDR

February 10, 2025 Wayne Andes

QR code phishing is on the rise. Threat actors are embedding malicious URLs inside QR codes in emails, bypassing traditional

Cybersecurity News

+ NEWS

Microsoft Telnet Server Bug Lets Attackers Bypass Guest Login Restrictions

May 1, 2025 Wayne Andes

In a reminder that legacy tools still cast long shadows, a newly discovered vulnerability in Microsoft’s Telnet Server has emerged—allowing

+ NEWS

Microsoft Defender XDR Error Exposes 1,700+ Corporate Documents in Public Leak

April 26, 2025 Wayne Andes

+ NEWS

MITRE’s CVE Program Gets Funding Extension Just in Time

April 17, 2025 Wayne Andes

+ NEWS

MITRE’s CVE Contract Expires – Internal Memo Leaked!

April 16, 2025 Wayne Andes

+ NEWS

NBI Data Breach Exposes Millions of Filipino Records

January 21, 2025 Wayne Andes

Topics To Explore

+ BLOG, + BREAK, + BUILD, + NEWS, + SECURE, Active Directory, Fortinet, Homelab, Kusto Query Language, Microsoft Defender for Endpoint, Microsoft Defender XDR, Microsoft Power Automate, Microsoft PowerShell, Microsoft Sentinel, Microsoft Teams, Microsoft Windows, Microsoft Windows Server, SentinelOne, Symantec Endpoint Protection, VMware Carbon Black, Zscaler

Recent BUILD Posts

  • Streamline SentinelOne Endpoint Scans with Power Automate (June 2, 2025)
  • Automate SentinelOne Incident Alerts to Microsoft Teams with Power Automate (June 2, 2025)
  • Get Started On Microsoft Power Automate (May 26, 2025)
  • PowerShell Finds Its Voice: Talking Scripts Are Now a Thing (July 7, 2023)

Recent BREAK Posts

  • Troubleshooting Data Ingestion Lag in Microsoft Sentinel from Zscaler Logs (January 29, 2025)
  • What is BREAK? (April 1, 2024)

Recent SECURE Posts

  • Detect QR Code-Based Phishing with KQL in Microsoft Defender XDR (February 10, 2025)
  • Monitor Active CISA Exploited CVEs Using This KQL Query (February 3, 2025)
  • Detect Microsoft Teams Large Data Transfer Using KQL (January 28, 2025)
  • Detect Microsoft Teams Large Data Transfer Using KQL (January 27, 2025)
  • List Untrusted SSH File Transfer Protocol Connection Not Blocked By Symantec Endpoint Protection (January 22, 2025)

About Me  •  Privacy Policy  •  Terms of Use  •  © 2025 Build+Break+Secure