Видео

How much does it cost for these labs?

very instructive video, keep going

You are great!

Amazing thank you and amazing coffee machine BTW!

Hey, I really liked your content; it is really good. Can you please share your GitHub repo or the ARM template used?

Thanks for your video! Very informative. Could you please make more videos like this? We are in the early stages of building out Copilot usage for 365 and I found this extremely helpful. Thank you

we need to see how we can cover all these points and make sure the number of secure score increased

Are these lures/decoys installed on actual devices?

Will I be able to use the graph API to send Microsoft Defender alerts to a ticket system?

Thanks AzureVlog Team for the content, Screen clarity can be improved , not able to read words and options you are selecting,

Are there any types of sentinel alerts that won't show up in MSgraph API? We are ingesting msgraph API alerts and we have a lot of sentinel and defender alerts being logged to the SIEM, but there was one type of sentinel alert which was a scheduled detection i believe that didn't show up in our msgraphAPI logs and I can't figure out why?

Opbouwend kritiek: oefen het alfabet in het Engles want je gebruikt de Nederlandse uitspraak ❤

DLP On-premises Scanner 😊

Friend, I just started my first job, and my first challenge is working in Purview with another colleague. We were running tests and realized that we created the labels, then published them, but we only applied them to our users. However, we were later informed that other users in the organization reported labeled files, even though they weren’t included. I’m not sure if you might have an idea of how to fix this. We also added groups, but the labels didn’t apply. Another thing is that the DLP part is something to include later (Sorry, I’m still documenting myself). What could have happened?

Just brilliant - exactly what I have been looking for. Dank je wel.

Thanks for the content. Is this the same process as the one for onboarding to Defender for Endpoint? In other words I don't have MDE so I can't onboard devices but I do get the option from Purview..

Thanks man very helpful

You are a life saver. Thanks man!

Can you help me with more repro of the deception feature please please..if u can help me with the test commands so that I can reproduce it

Hi, I need to know the ip address of the machine I'm connected to...

More pls

Thanks

need more of this pls! but how do you give the permissions to the RG? do you do that under logic apps role assignment and scope to the RG of the workspace?

thank u man

You are a living legend, thanks for the TIps

Came for azure stayed for the coffee

Good tip!

Nice introduction! Please keep sharing 👍

Good demonstration 🎉

awesome content

Hi, I'm always trying to replicate in a lab all your videos, so that I can truly learn and understand, Thanks a lot for all your videos. Can you provide more details on the App Registration and on the "Parse JSON" action? I'm stuck in those two...

i think sentinel can automatically do this now...saw a video about auto integration with virus total

really nice, really cool

Just what I needed to onboard my first servers using Defender for Cloud tomorrow.

It always says the following error: Can't get account information Try again in a few minutes. If the issue persists, contact an administrator. please help me

How do you connect and setup the azure firewall

The problem is this is very expensive. 😂

Congratulations on your channel; it's helping me a lot. It's always bringing new information and helping those who want to stay updated in the world of Microsoft cybersecurity. You are very good! Thank you for sharing with us

In sentinel log in OperationName column nothing is appearing what to do?

Nice introduction, I'm looking forward to see some of the uses for Copilot for Security. I just deployed it in my tenant and began using it. I'm currently working on having it automatically provide an executive summary for incidents using the one from the promptbook. Since there isn't a way to run a whole promptbook automatically, I am writing a Logic App in Sentinel that basically runs each prompt of that promptbook, and will continue using the same session ID for each one until the executive summary is complete. Then, it can add the summary to the incident as a comment. Since this normally takes some time, having it run automatically so the comment is already present by the time you review the incident will be nice. Another tip to optimize SCU resource utilization is to limit using Copilot for queries. If there is something that can be defined by a KQL query, you can do that and feed the results to Copilot instead of asking it to do that query. For example, instead of saying "Go back and tell me about Security Incidents in Sentinel that happened in the last 12 hours", you can run a KQL query to return the Incident numbers during your desired time, and then instead ask Copilot "Tell about about the following Security Incidents" and then list the KQL results. This way Copilot doesn't have to use resources to figure out simple things like "what time is it now and how far is 12 hours back" and "What incidents were created in that time range". Cheers!

I need to be able to collect and change alerts' status from an external alert management system. Should I use Graph Security API or Azure Management API? What are the prerequisites for the Sentinel alerts appearing in the graph API? Thanks!

tried this, said it no longer works at open ai model is deprecated. is there any workaround?

can you make a video to show how to auto add ip addresses or urls detected in your TI feed to your org's block list automatically

Security Copilot is not living up to the potential promised in current version. It can not decode base64 and it can not decode powershell obfuscated script if it has more then a few words. the limitations here are massive. And the code analyser uses so much SCU even if it fails (6 to 8.5).

Good job and Nice video! Please keep sharing❤ Looking forward to seeing Purview related video, thanks

Kudos to you mate, great high level tutorial. Implementing similar to gather response for risky users :).

Can you create openai do a simple video in sentinel to reduce false positives ?

Is there anyway to reduce false psotives in azure ?

Hello, do you know if Multi Tenant Support for the unified Portal will be available (for example if I have multiple Sentinel Workspaces with Azure Lighthouse or Multiple XDR Tenants via MTO Defender)?

Greetings and thank you for all your great content. I've really been looking forward to the unification of Defender Portal and Sentinel but once connected I felt there is alot missing still. Playbooks for example. We use those extensively to enrich our entities in Sentinel Incidents but I have yet to find a way to do that in the Defender Portal