🚀 Join us at KustoCon 2026 in Zürich & online for deep dives into KQL, Defender XDR, threat hunting & AI.
📍 Microsoft Switzerland, The Circle
🎟️ https://t.co/bsw1fTn8MS
#KustoCon #KQL #CyberSecurity
☕ KQL Café May 2026 is live!
🎙️ Sergio Albea on smarter Threat Intel feeds:
- TIPS scoring model
- Match 4 AI selection engine
- Claude-powered IOC live-status checks
- MISP via Logic Apps + Graph API
▶️ https://t.co/s7r4zw3FBc
#KQLCafe #KQL #ThreatHunting
Today I’m announcing Advanced Threat Hunting & Detection Engineering in the Enterprise.
This course is for detection engineers, threat hunters, and security teams who want to build resilient behavioral detections without investing heavily in additional tools or resources.
It's also for red teamers who want to learn how they are detected.
Attackers don’t operate as isolated events. They move across endpoints, identities, and cloud services. They bypass telemetry, steal tokens, abuse legitimate workflows, and blend into normal activity.
This course teaches a practical framework to detect that behavior before the damage is done:
- Around 20 high-order behavioral detections for Windows and Entra ID attacks
- AiTM activity, Entra ID token theft, and stolen token abuse
- Full attack-chain labs with realistic false positives
- Detection gaps and compensating detections
- Vendor-agnostic logic adaptable across tools, clouds, and platforms
Detecting the majority of the threats at their earliest stages is possible without excessive overhead or cost. I've proved it with this course.
https://t.co/liYSptWQAI
Dear KustoFans,
Tomorrow at 18:00 CEST, @alexverboon and I welcome Laurie Rhodes to KQL Café. No spoilers, but expect hints of KQL experimentation, offline workflows, and graph-based exploration.
Join us:
https://t.co/kZfDN8WfEB
Disabling a user account during a security incident removes them from all Microsoft Teams. Private channel membership is not automatically restored. This #KQL query lists all private channels the user was removed from.
https://t.co/zM5SceGWv8
📢 New #KQLCafe just dropped on YouTube
🔹 sKaleQL Michals Michalos and Christos Galanopoulos
🔹 Defender hunts Teams messages
🔹 Multi-Tenant Defender is GA
🔹 Detecting malicious PowerShell
🎥 https://t.co/KJGAVDzNxh
📝 https://t.co/z1NdDQyU4C
#KQL #DefenderXDR
🎉 KustoCon 2025 is official!
Watch the announcement video and register now for the main event, or join us onsite in Zurich for the hands-on detection engineering workshop as well!
Info & sign-up: https://t.co/GnPSgaJYEs
#KustoCon #KQL #KustoFans
Next Tuesday, May 27th, Christos Galanopoulos and I will join my dear fellows @alexverboon and @castello_johnny at this month's KQL Cafe.
Christos Galanopoulos and I worked over the past couple of months on sKaleQL, a tool that allows query automation on your log analytics workspace, through GitHub actions. We are going to elaborate on how this tool works and provide a couple of examples of how one can benefit from this tool.
📅 Have you registered for next week's KQL Cafe? No? Please do so here: https://t.co/IRUl3iYfZ9
⚙️ Have you checked sKaleQL? If not, check it out here: https://t.co/HMW5fWk9U7
#MicrosoftSecurity #MicrosoftCommunity #KQL #KustoQuery #KQLCafe #sKaleQL #GitHub #GitHubActions
New to KQL? In this quick beginner’s guide, I’ll explain what Kusto Query Language is, where it’s used in Azure, and how to write simple queries using operators and functions. Perfect for IT pros, security analysts, and data enthusiasts.
https://t.co/t830gWzAEY
Finally took the time to write a quick blog post on my #100DaysOfKQL challenge.
https://t.co/Y1gxwdkirm
The tl;dr is that I'm never doing anything like this again, at least, not before I have a LOT more free time than I have now. But very happy to have gone through with it!
Some time ago, I developed some #KQL queries to get insights on the data you have available.
The results list information about tables, sub-tables and entities.
Choosing a proactive approach to your data is highly recommended to stay on top of threats.
https://t.co/xQJNfYJmFK