KQL - Category - Cloudbrothers

KQL

2022

Azure Attack Paths 03-22

Detect and alert on unusual high phish or malware email volume 03-07

Current limits of Defender AV Tamper Protection 02-15

Defender for Endpoint - Did the Antivirus scan complete? 01-28

2021

Alert changes to sensitive AD groups using MDI 11-05

Automated response to C2 traffic on your devices 10-18

Bypass sensitivity label restrictions with mobile Edge and conditional access policies 08-30

Create persistent Defender AV exclusions and circumvent Defender for Endpoint detection 08-04

Operator mvexpand: expanded expression expected to have dynamic type 04-19

The case of the... The Sign-in method you're using isn't allowed 03-29

1
2
3
4