Episodes

  • Sometimes I feel a bit like Mr. Roark from Fantasy Island where I build and deliver the wishes of the community. Welcome to my island. Smiles everyone!

    This episode, hear about a new endeavor to consolidate and curate all the great community content for Copilot for Security into a bi-weekly newsletter.

    * Subscribe or follow “The CfS Prompt”: https://aka.ms/TheCfSPrompt



    This is a public episode. If you’d like to discuss this with other subscribers or get access to bonus episodes, visit rodtrent.substack.com/subscribe
  • Learning KQL is a necessity for system administrators, Azure operators, and security analysts alike, ensuring workloads are monitored to be active, accessible, and secure in the Microsoft Azure cloud platform.

    KQL is a powerful query language that helps analyze large volumes of structured, semi-structured, and unstructured data. KQL has built-in operators and functions that let a user analyze data to find trends, patterns, and anomalies, and to create forecasting and machine learning. KQL underpins a variety of Microsoft cloud products: Microsoft Sentinel, Azure Data Explorer, Microsoft 365 Advanced Hunting, Azure Resource Graph, Azure Monitor, and more.

    This book is designed to be the definitive guide to not only learning KQL but also to using KQL to solve real-world problems. As you learn parts of the language, the authors will show how that can be used to aid with daily operations and security investigations. At the completion of the book, you will have not only learned the language, but also operationalized KQL in your environment.

    This topic is important for anyone who manages anything in Azure and any service (AWS, GCP, etc.) being managed through an Azure-based security platform, as well as systems administrators, security consultants, security operations center analysts, and data scientists.

    Get it from Amazon: https://amzn.to/4aMHfrI




  • I’m super happy to announce the schedule for Women in Cybersecurity for March 2024. I hope you’ll join us, and I hope you’ll share this with your colleagues, teammates, and just anyone that will benefit from listening to some great stories about how anyone can pivot into a life of cybersecurity.

    Show Notes/Links:

    * The Microsoft Security Insights Show: https://aka.ms/GetMSIShow



  • Join me this episode as I give my perspective of the Microsoft AI Tour and why you should consider attending if you can.

    Show Notes/Links:

    * Microsoft AI Tour: https://envision.microsoft.com

    * Microsoft AI Tour in NYC: https://msevents.microsoft.com/event?id=2474845579

    * Microsoft Security Copilot (or, Copilot for Security): https://aka.ms/CopilotforSecurity



  • Welcome back everyone! Thank you so much for listening in to this podcast. Thank you for all the listeners who have found it and have come back again and again.

    This is my last podcast for 2023. So, I trust your holiday season will be happy, healthy, and safe.

    Show Notes/Links:

    HASMUG event: https://www.eventbrite.com/e/hasmug-2023-december-13-microsoft-security-compliance-and-identity-registration-722821026147

    The Microsoft AI Tour: https://envision.microsoft.com/

    Prepare for Microsoft Security Copilot: https://rodtrent.substack.com/t/security-copilot

    Must Learn KQL: https://aka.ms/MustLearnKQL

    KQL Christmas Merch - All proceeds go to St. Jude Children’s Research Hospital.

    * The KQL Carolers: 'Tis the Season for KQL'Ling: https://must-learn-kql.creator-spring.com/listing/the-kql-carolers

    * Must Learn KQL Christmas T-shirt - Style 1: https://must-learn-kql.creator-spring.com/listing/must-learn-kql-christmas-t-shi

    * Must Learn KQL Christmas T-shirt - Style 2: https://must-learn-kql.creator-spring.com/listing/new-must-learn-kql-christmas-t

    * Must Learn KQL Christmas T-shirt - Style 3: https://must-learn-kql.creator-spring.com/listing/get-must-learn-kql-christmas-t



  • Join me this episode as I talk about Microsoft Security Copilot at Microsoft Ignite 2023. I give you an overview of the excitement generated by this upcoming product, a quick summary of announcements, and how to get access now. I also talk about one of our latest integration partners, Tanium.

    This post brought to you by:

    * Tip: Catch up on Microsoft Security Copilot Over a Weekend: https://rodtrent.substack.com/p/tip-catch-up-on-microsoft-security

    * How Microsoft Security Copilot Can Help Defend Against Cyberthreats: https://rodtrent.substack.com/p/microsoft-security-copilot-the-introduction

    * Microsoft Security Copilot - the Introduction: https://rodtrent.substack.com/p/microsoft-security-copilot-the-introduction

    Additional notes and links:

    * Microsoft Ignite 2023 Book of News: https://news.microsoft.com/ignite-2023-book-of-news/

    * The Microsoft Security Copilot official product page: https://www.microsoft.com/security/business/ai-machine-learning/microsoft-security-copilot

    * Microsoft Security Copilot Docs: https://learn.microsoft.com/en-us/security-copilot/microsoft-security-copilot



  • This episode is brought to you by the Microsoft Sentinel SOC 101 series.

    Here are the posts already available:

    * Microsoft Sentinel SOC 101: How to Detect and Mitigate Brute Force Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to

    * Microsoft Sentinel SOC 101: How to Detect and Mitigate Phishing Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to-443

    * Microsoft Sentinel SOC 101: How to Detect and Mitigate Malware Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to-321

    * Microsoft Sentinel SOC 101: How to Detect and Mitigate Cross-Site Scripting (XSS) Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to-658

    * Microsoft Sentinel SOC 101: Leveraging MITRE ATT&CK Techniques with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-leveraging

    * Microsoft Sentinel SOC 101: How to Detect and Mitigate Supply Chain Attacks with Microsoft Sentinel: https://rodtrent.substack.com/p/microsoft-sentinel-soc-101-how-to-f83



  • Angelica Faber joins me this episode to close out some burning questions that have plagued my brain for days. Thanks, Angelica, for letting me sleep at night again!

    This episode of After the Blog is brought to you by:

    * Preparing the SOC for Generative AI

    * My Current Thoughts on Using AI with a Modern SIEM

    * Microsoft Security Insights Show Episode 167 - Angelica Faber

    Notes/Links:

    * Angelica on LinkedIn: https://www.linkedin.com/in/angelica-faber/

    * Angelica’s blog: https://myfabersecurity.com/



  • Question of the week: Should someone focused on security take the Microsoft AI exams?

    Notes/Links:

    * Exam AI-900: Microsoft Azure AI Fundamentals: https://learn.microsoft.com/en-us/certifications/exams/ai-900/

    * Exam AI-102: Designing and Implementing a Microsoft Azure AI Solution: https://learn.microsoft.com/en-us/certifications/exams/ai-102/

    * Rod’s AI Repo: https://aka.ms/RodAI

    * The Must Learn AI Security series: https://aka.ms/MustLearnAISecurity



  • Thanks so much to my guest for this episode for his expertise, Richard “Disney” Diver.

    Answered in this episode:

    * Just because it can, should Microsoft Sentinel be used for anything other than security purposes?

    * Is Content Filtering and Abuse Monitoring for AI considered part of cybersecurity?

    This episode is related to the original post here:

    Catch the podcast at any of the following locations: Finding the After the Blog Podcast

  • This episode of After the Blog is based off the following blog post…

    Show links and notes:

    * St. Jude’s: https://www.stjude.org/

    * The Microsoft Security Insights show: https://aka.ms/GetMSIShow

    * Ontinue: https://www.ontinue.com/

    * Book: Not with a Bug, But with a Sticker: Attacks on Machine Learning Systems and What To Do About Them

    * Book: Must Learn KQL: Essential Learning for the Cloud-focused Data Scientist

    * Must Learn KQL series: https://aka.ms/MustLearnKQL

    Must Learn KQL stats…
