Top Tweets for #KustoQuery

10 months ago

That's me after owning the make-graph operator and building my first #KQL query for Exposure Management in Advanced Hunting. More, coming soon. #KustoQuery

Cyb3rMik3's tweet photo. That's me after owning the make-graph operator and building my first #KQL query for Exposure Management in Advanced Hunting.

More, coming soon.

#KustoQuery https://t.co/lJhX2nQvyL

3

13

2

0

1K

about 1 year ago

April's Kusto Insights newsletter curated by @UgurKocDe & @BertJanCyber just dropped! 🔗 https://t.co/ctWDM2bfCw #MicrosoftSecurity #MicrosoftDefender #MicrosoftSentinel #KustoQuery #KQL #KustoQueryLanguage

0

6

2

1

404

about 1 year ago

Another great newsletter of Kusto Insights curated by @UgurKocDe and @BertJanCyber! Awesome highlighted #KQL query by @RobbeVdDaele. 🔗 https://t.co/hQVP9nb2kW #MicrosoftSecurity #MicrosoftDefender #MicrosoftSentinel #KustoQuery

0

11

5

702

over 1 year ago

Threat Hunting step-by-step: Collecting Web Shells 🐚 using Ephemeral Baselines by @ateixei #ThreatHunting #KQL #KustoQuery https://t.co/uGIl1hdqwj

0

17

4

8

1K

over 1 year ago

Have you checked October's Kusto Insights by @UgurKocDe & @BertJanCyber? 🔗 https://t.co/QdeHlIbI5u #KQL #KustoQuery #KustoQueryLanguage

Cyb3rMik3's tweet photo. Have you checked October's Kusto Insights by @UgurKocDe & @BertJanCyber?

🔗 https://t.co/QdeHlIbI5u

#KQL #KustoQuery #KustoQueryLanguage

0

6

3

541

about 2 years ago

Exposure Management is growing well, two new tables have been introduced to help investigate security posture: ExposureGraphNodes and ExposureGraphEdges. #DefenderXDR #AdvancedHunting #KQL #KustoQuery https://t.co/qs2DceP6U6

0

7

1

3

676

about 2 years ago

📢 new #KQL query! ➡️ Rclone has raised to be the most prolific exfiltration tool in ransomware attacks. The following query will detect any Rclone execution. #KustoQuery #ThreatDetection #MDE #DefenderXDR https://t.co/8PxZ7Mecge

0

63

15

45

5K

about 2 years ago

Just updated my #KQL repo, including @BluRavenSec newly introduced FREE introductory course in the KQL Training section. Also, @Cyb3rMonk introduced a subscription model making his courses far more accessible. ➡️ https://t.co/wYPquwhzuQ #KustoQuery https://t.co/dZ4W4ht3DG

2

51

9

23

4K

about 2 years ago

According to @rodtrent, today marks the 10th anniversary for Kusto Query Language! 🎉 It's awesome to recognize the importance of #KQL today and the rapidly growing community that has been built from practitioners... [1/3] #KustoQuery #KustoQueryLanguage

1

21

3

4

1K

over 2 years ago

UEBA: KQL Queries for Sentinel: #kql #KQL #Kustoquery #Sentinel https://t.co/2Ykk7qpvoK

0

4

0

4

235

over 2 years ago

🖥️ Looking for a curated list of DFIR resources for #Microsoft Defender for Endpoint? ➡️ Check the list here: https://t.co/S9c9aFrcr4 🔒 In this repo... [1/3] #MicrosoftSecurity #MicrosoftDefender #DefenderforEndpoint #KustoQuery #DFIR #IncidentResponse #DigitalForensics

1

192

51

133

43K

about 3 years ago

Hunt for the Internet facing Servers/Endpoints in your organization using #KQL Adavanced Hunting in #DefenderforEndpoints #kustoquery #ThreatHunting #ThreatIntelligence #Microsoft365 #SIEM #usecase #AzureSentinel #MicrosoftSentinel

InfosecPandey's tweet photo. Hunt for the Internet facing Servers/Endpoints in your organization using #KQL Adavanced Hunting in #DefenderforEndpoints
#kustoquery #ThreatHunting #ThreatIntelligence #Microsoft365 #SIEM #usecase #AzureSentinel #MicrosoftSentinel https://t.co/8wkHW9IW1B

0

3

2

1

400

about 4 years ago

Advanced render option with #kql Example: | render columnchart with ( kind=unstacked, xtitle="Day", // x-axis of chart ytitle="Count", // y-axis of chart title="TITLE") #Azuresentinel #MSSentinel #Sentinel #Kustoquery #KQL

0

12

3

2

0

about 4 years ago

Exclude the empty values from #KQL results: #Sentinel #Kustoquery #SIEM #loganalysis #threathunting #defenderforendpoints #advancedhunting

InfosecPandey's tweet photo. Exclude the empty values from #KQL results:
#Sentinel #Kustoquery #SIEM #loganalysis #threathunting #defenderforendpoints #advancedhunting https://t.co/4ryAxr8ZYT

0

5

3

1

0

over 4 years ago

Syslog collector log failure hunt: This will identifies if one or more syslog collectors if they have not provided any logs for the past 5 minutes. Even we can create an alert for this use case. #KQL #Kustoquery #Sentinel #defender #threathunting #Kustoquery

over 4 years ago

Syslog collector log failure hunt: This will identifies if one or more syslog collectors if they have not provided any logs for the past 5 minutes. Even we can create an alert for this use case. #KQL #Kustoquery #Sentinel #defender #threathunt https://t.co/TwrQtTRzEH

InfosecPandey's tweet photo. Syslog collector log failure hunt:
This will identifies if one or more syslog collectors if they have not provided any logs for the past 5 minutes. Even we can create an alert for this use case.
#KQL #Kustoquery #Sentinel #defender #threathunt
https://t.co/TwrQtTRzEH https://t.co/t6DD3513bH

0

1

0

2

0