Tags

access management (1), advanced hunting (1), alert enrichment (1), analytic rules (3), app registration monitoring (1), arm (1), arm templates (2), asr rules (1), attack surface reduction (1), attacker persistence (1), audit mode in intune (1), authentication flow abuse (1), autopatch hotpatch (1), autopatch licensing (1), azure (2), azure ad sign-in logs (1), azure automation (1), azure data explorer (1), azure devops (1), azure devops integration (1), azure iac (1), azure lighthouse (1), azure resource manager (2), azure roles (1), azure security (3), azure sentinel github (1), beginner (1), blocking malicious behavior (1), cloud security automation (2), community detection rules (1), community workbooks (1), conditional access (1), cross tenant management (1), custom deployment (1), defender for business (1), defender for cloud apps (1), defender for endpoint tips (1), defender for identity (1), defender for office 365 (1), defender portal integration (1), delegated access (1), deployment (1), detection engineering (1), detection rule deployment (1), detection rules (2), device code flow (1), device code phishing (1), device registration abuse (1), device security (1), dkim (1), dmark (1), dns (1), e5 security addon (1), email security coverage (1), endpoint protection (2), endpoint security (1), entra id (1), feature updates (1), github (1), homelab (1), hunting dashboards (1), iac (1), incident response (1), infrastructure as code (2), initial access detection (1), intune patch management (1), intune security policies (1), jekyll (1), json conversion (1), kql (2), kql detection rules (1), kql for asr (1), kql phishing detection (1), kql queries (1), kql rules (1), kusto detective agency (1), kusto query language (2), log analytics (1), logic apps (1), m365 updates (1), malware defense (1), microsoft 365 business premium (1), microsoft 365 security (1), microsoft autopatch (1), microsoft defender (1), microsoft defender for endpoint (1), microsoft defender for endpoint plan 2 (1), microsoft defender portal (1), microsoft intune autopatch (1), microsoft licensing (1), microsoft security stack (1), microsoft security tools (1), microsoft sentinel (6), microsoft xdr (3), mitre att&ck (1), mitre framework (1), phishing detection (1), phishing simulations (1), powershell script (1), refresh token abuse (1), rogue device registration (1), role based access control (1), safe links (1), security add-on (1), security analytics (2), security as code (1), security configuration (1), security content deployment (1), security hardening (1), security hardening windows 10 (1), security hardening windows 11 (1), security monitoring (2), security operations (1), security rule conversion (1), security rule management (1), security updates (1), self-hosted (1), sentinel alerts (1), sentinel analytic rules (1), sentinel automation (2), sentinel content hub (1), sentinel contributor (1), sentinel dashboard (1), sentinel deployment (1), sentinel devops integration (1), sentinel multitenant (1), sentinel permissions (1), sentinel playbooks (1), sentinel workbooks (1), sentinelarconverter (1), siem and xdr integration (1), siem dashboards (1), siem recommendations (1), siem solution (1), single pane of glass (1), smb security (1), soc optimization (1), spear phishing detection (1), spf (1), storm-2372 (1), teams phone security (1), threat detection (2), threat hunting (1), threat intelligence (1), threat prevention (1), threat visibility (1), token-based attacks (1), unified coverage management (1), unified security operations (1), website (1), what is kql (1), wildcard exclusions risk (1), windows 11 hotpatching (1), windows 11 updates (1), windows autopatch (1), windows security (1), windows update rings (1), workbook customization (1), workbook integration (1), xdr coverage gaps (1), xdr portal (1), xdr workbooks (1), yaml conversion (1), yaml to json (2)