KQL – The mother of all languages in Azure
KQL, the Kusto Query Language, is used in many Microsoft services, including the Azure and Microsoft Security platforms such as the ATP family. This post is part of a series of blog posts about KQL....
Just another day of IR, Threat-Hunting & Microsoft Security
Do you know what is occurring inside your Exchange environment? Probably not… In a single week, there are hundreds of changes inside Exchange Online made by the IT team, plus some changes made by users. The Hunting Mail...
A logical operator is a symbol or word used to connect two or more expressions such that the value of the compound expression produced depends only on that of the original expressions and on the...
In numerical analysis, a numerical method is a mathematical tool designed to solve numerical problems. The implementation of a numerical method with an appropriate convergence check in a programming language is called a numerical algorithm....
Kusto Query Language (aka KQL) offers multiple query operators for searching string data types. When working with KQL, we usually use many commands, from functions through statements and operators. The following blog post describes...
While working with security incidents, the primary key is information. Things like important information, logs, data sources, a correlation between all data, and the signals – all of these are valuable when hunting and searching...