These chapters are auto-generated

0:00 Intro
2:25 Microsoft Security
9:33 Consuming Indicators: Community
10:16 Threat Research Methodology
13:34 Behavior: Windows Security Events
14:15 Let's Empower Others!
14:58 Mordor Project
17:34 Lateral Movement WMI Win32_Process Create
21:27 Mordor Labs
21:42 Azure Resource Manager Service
21:59 Azure Resource Manager Templates
22:15 The Shire (Windows)
22:49 Windows Event Collection
25:31 Kafkacat.conf: Azure Event Config
26:52 Kafkacat: Empire Lateral Movement via WMI
29:51 Azure Monitor HTTP Data Collector API
30:06 Python: HTTP Data Collector API
30:49 Plain Python: Proof of Concept Script
32:59 Azure Sentinel - Check Custom Logs
35:39 Azure Event Hub + Logstash + HTTP Data Collector API
38:31 Azure Sentinel To-Go!: Custom Logs Pipe
41:11 What's all this data?: ATT&CK Evals APT29
42:58 Lateral Movement: New Services Installed
52:23 Roadmap
58:03 Q&A | Ask the speaker by submitting a question or upvote for questions

Azure Sentinel webinar: Pre-Recorded Datasets for research and training purposes
Sep 14, 2020
#MicrosoftSentinel

To ensure you hear about future Microsoft Sentinel webinars and other developments, make sure you join our community by going to https://aka.ms/SecurityCommunity

The deck shared during the webinar can be accessed on https://aka.ms/SecurityWebinars below the recordings section.


Microsoft Security Community
