Building a Sentinel Detection Lab, Part 1: Catching Brute Force (and the Bug That Flagged the Wrong Account)
Part 1 of a series on building a detection engineering lab in Microsoft Sentinel from scratch. This post: writing my first detection, and the parsing bug that taught me more than the detection itself.
kajalbuilds.hashnode.dev · 7 min read