Kusto Query Language (KQL) for Cybersecurity

سرفصل های دوره

Learn KQL in Azure Log Analytics, Security Copilot, Sentinel, Defender XDR and more

1 - Introduction

1 - Azure Newsletter.txt

1 - Bluesky.txt

1 - Cybersecurity Newsletter.txt

1 - LinkedIn.txt

1 - My Website.txt

1 - Threads.txt

1 - Welcome

1 - X.txt

2 - KQL-Slides.pdf

2 - Slides

3 - Basics.html

4 - FAQs.html

2 - Basics Security Operations Center SOC

5 - Complexity and Cyber Security Challenges

6 - What is a SOC

7 - SOC Tier Model

8 - Cyber Security Incident Response Process

9 - EDR XDR SIEM SOAR

10 - Blue Red Purple Teaming

3 - Basics Azure

11 - Cloud Computing Properties

12 - Cloud Computing Types

13 - Azure Global Backbone

14 - Shared Responsibility Model

15 - Azure Resource Hierarchy

16 - Azure Subscription Types

17 - Entra ID Tenants and Azure Subscriptions

4 - Basics Microsoft Security

18 - Zero Trust

19 - The Microsoft Security Cosmos

20 - Defending Across Attack Chains

5 - The Kusto Query Language KQL

21 - What is KQL

22 - Demo KQL Playground

22 - KQL Playground.txt

6 - KQL Operators Fundamentals

23 - search

24 - where

25 - datetime timespans

26 - count dcount summarize top

27 - order sort take

28 - extend project

29 - contains startswith endswith

30 - let

31 - render

7 - KQL Operators Joins and Union

32 - union

33 - inner join

34 - left outer join

35 - right outer join

36 - full outer join

8 - KQL in Microsoft Security Copilot

37 - Demo Get your Azure Subscription

37 - Get your free Azure subscription.txt

38 - What is Security Copilot

39 - From Prompt to Reponse

40 - Architecture

41 - Extending Copilot with Plugins more

42 - Privacy Implications

43 - Authentication RBAC

44 - Standalone vs Embedded Experience

45 - Pricing

46 - Onboarding Requirements

47 - IMPORTANT DO NOT SKIP.html

48 - Azure Portal.txt

48 - Demo Create Compute Capacities

49 - Demo Security Copilot

49 - Security Copilot.txt

50 - Demo KQL with Security Copilot

9 - KQL in Microsoft Defender for Cloud

51 - What is Defender for Cloud

52 - Azure Portal.txt

52 - Demo KQL in Defender for Cloud

10 - KQL for Microsoft Sentinel

53 - What is Sentinel

54 - Azure Portal.txt

54 - Demo KQL in Sentinel

11 - KQL in Microsoft Defender XDR

55 - Demo Get E5

55 - Get E5.txt

56 - What is Defender XDR

57 - Defender XDR.txt

57 - Demo Configure RBAC

58 - Demo Create Sample Alerts in Defender for Cloud

59 - Demo Manage Incidents and Alerts

60 - Azure Portal.txt

60 - Defender XDR.txt

60 - Demo Connect Sentinel to Defender XDR

61 - Demo KQL in Defender XDR

12 - KQL Queries for Microsoft Entra ID

62 - What is Microsoft Entra ID

63 - Entra ID Authentication Methods

64 - Conditional Access

65 - Azure Portal.txt

65 - Demo Conditional Access

66 - Identity Protection

67 - Azure Portal.txt

67 - Demo Identity Protection

68 - KQL Hunting Queries Suspicious Signin to privileged Accounts

68 - Suspicious Signin to Privileged Account.txt

69 - Brute Force.txt

69 - KQL Hunting Queries Entra ID Brute Force

70 - Conditional Access Policy Modified by New User.txt

70 - KQL Analytic Rule Conditional Access Policy modified by new User

13 - KQL Queries for Cyber Threat Intelligence CTI

71 - What is a Threat

72 - Intelligence Threat Intelligence Cyber Threat Intelligence CTI

73 - What is CTI

74 - Threat Vulnerability Risk

75 - ThreatInformed Defense

76 - Tactics Techniques Procedures TTPs

77 - IOCs IOAs

78 - Pyramid of Pain

79 - CTI Sources

80 - KQL Hunting Queries File Entity Office Activity

80 - Query.txt

81 - KQL Hunting Queries Security Events

81 - Query.txt

14 - KQL Queries for Azure Firewall

82 - Azure Firewall

83 - Azure Portal.txt

83 - Demo Azure Firewall

84 - KQL Hunting Queries Source IP Abnormally Connects to Multiple Destinations

84 - Query.txt

139,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy