97. Microsoft Azure Sentinel
97. Microsoft Azure Sentinel
Jelle and Gerben talk about Microsoft Azure Sentinel. They discuss how to set up monitoring and incident response, demonstrating how Sentinel can be used to centralize security data from Azure activity logs for better visibility and automated response. Key points include ingesting logs into a Log Analytics workspace, using content packs for data connectors and analytics rules, and scanning data at the subscription or resource group level. They also show how logs can be analyzed for potential threats using queries and custom alerts. Their discussion emphasizes starting small, continuously improving rules and workbooks over time based on detected signals, and considering red team testing to evaluate detection capabilities.
Links for more information:
More videos
-
132. Antipatterns in test automation
Bram and Christian discuss test automation pitfalls, urging discipline, less UI logic, backend testing of business rules, and improving stability with better data and environments.Content typeVideo
-
131. ShellGPT: Your AI Assistant in the Terminal
Christian and Bram explore ShellGPT, configuration, command generation, file summaries, data transformation, web deployment with Docker, and iterative REPL scripting.
Content typeVideo
-
130. How SBOMs Expose Vulnerabilities in Your Software Supply Chain
SBOMs provide insight into software components, help identify vulnerabilities, increase transparency, and improve risk management for developers, DevOps engineers, and security professionals.
Content typeVideo
Stay up to date with our Betatalks and tech updates!
Sign up and receive a biweekly update with the latest knowledge and developments.