Jonathan DeLeon · mrcyberleon.hashnode.dev · Aug 24, 2024

Utilize Custom Analytics with Query in Microsoft Sentinel to monitor for malicious login activities.

Objective: Use SIEM technology to consolidate logs (Windows Events) for ingestion into the SIEM, and formulate a custom analytics query to run and detect potential malicious activity, thereby monitoring for possible brute-force login attempts.

Tools: ...

Azure