This blog is a little bitter, but it's what it is.
Detecting Vulnerable Drivers (a.k.a. LOLDrivers) the Right Way
https://academy.bluraven.io/blog/detecting-vulnerable-drivers-using-defender-for-endpoint-kql
Threat Hunting & Research, Detection Engineering
Microsoft MVP #ThreatHunting #DFIR #DataScience #KQL
All is one.
Opinions are my own
Test your Lateral Movement investigation skills!
I have just added a new challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course!
You can even test your AI agents' skills.
#KQL #Kusto #MicrosoftSentinel #MicrosoftDefender
https://academy.bluraven.io/course/introduction-to-kql-for-security-analysis
HAPPY EASTER CAPSTONE!
My KQL courses now include a complete attack scenario to test your skills, end to end.
Hands-on labs
20% OFF for a limited time!
Crack it open:
#KQL #Kusto #ThreatHunting #DetectionEngineering #DFIR
https://academy.bluraven.io
NEW UPDATE:
I've added a small challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course.
More will be coming soon!
#KQL #Kusto #MicrosoftDefender #MicrosoftSentinel
https://academy.bluraven.io/course/introduction-to-kql-for-security-analysis
FREE unlimited lab access to "Introduction to KQL for Security Analysis" course!
Thrilled to announce that my Intro to KQL for Security Analysis lab environment is now completely free with no time restrictions!
https://academy.bluraven.io/course/introduction-to-kql-for-security-analysis
Seems like you don't even have to use residential proxies for device code phishing for evasion. Just get a machine in one of the cloud providers' corresponding regions.
I used plaintext roadtx and then used roadrecon to dump Entra ID data. I even caused sign-in failures. There isn't any CAP in this tenant. Could that be the reason? AFAIK, it doesn't affect risk identification.
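An added example, not from the post above and not the author's own query: since the point of the post is that IP geography alone will not flag device code phishing when the attacker's machine sits in a cloud region matching the tenant, this KQL hunt over Microsoft Sentinel's SigninLogs surfaces every device code flow authentication per user, with failures counted alongside successes. It assumes the Entra ID sign-in logs connector is enabled; the 7-day lookback, the per-user grouping and the set-size limits are choices made here, not from the post.

```kql
// Added example (not from the original post). Assumes SigninLogs is populated
// by the Entra ID connector. AuthenticationProtocol is "deviceCode" for sign-ins
// completed via the OAuth device authorization grant; ResultType "0" is success.
let lookback = 7d;
SigninLogs
| where TimeGenerated > ago(lookback)
| where AuthenticationProtocol == "deviceCode"
| extend Country = tostring(LocationDetails.countryOrRegion),
         City    = tostring(LocationDetails.city)
| summarize
    Attempts   = count(),
    Successes  = countif(ResultType == "0"),
    Failures   = countif(ResultType != "0"),
    Apps       = make_set(AppDisplayName, 10),
    Resources  = make_set(ResourceDisplayName, 10),
    IPs        = make_set(IPAddress, 10),
    Countries  = make_set(Country, 5),
    FirstSeen  = min(TimeGenerated),
    LastSeen   = max(TimeGenerated)
    by UserPrincipalName
// Keep users who actually got a token; failed-only rows are noise from
// expired or mistyped user codes. Drop this line to review failures too.
| where Successes > 0
// A burst of failures around a success matches the post's observation that
// the attempt produced sign-in failures before the token was issued.
| order by Failures desc, Attempts desc
```

Device code flow is legitimate for CLI tooling (Azure CLI, PowerShell modules, headless devices), so baseline which applications and users normally appear before alerting on the result; the join on failures is what separates an interactive phishing victim from a routine CLI login.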
Fall in Love with Threat Hunting, Incident Response, and Detection Engineering using #KQL
Code: VLTN30
Valid until 17.02
@hexacorn Will do an update tomorrow, thanks!
[NEW BLOG]
EDR Silencer and Beyond: Exploring Methods to Block EDR Communication - Part 2
In collaboration with @fabian_bader
Announcing my new course: Advanced Hands-On KQL for Threat Hunting and Detection Engineering!
This course is designed to take you from zero to master, equipping you with cutting-edge skills to stay ahead in the cybersecurity game. Here's what you can expect:
- Advanced Time Series Anomaly Detection: Discover methods you've never seen before.
- Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection.
- Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills.
https://academy.bluraven.io/advanced-hands-on-kql-for-threat-hunting-and-detection-engineering
#KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #ThreatHunting #DetectionEngineering #training #dfir #incidentresponse
FREE Hands-On KQL for Security Analysis Course is now available!
- 50 seats bi-monthly
- Certificate of completion
- 14-day lab with real-world Microsoft Sentinel and Defender XDR logs
Enroll for #FREE:
https://academy.bluraven.io/intro-to-kql-for-security-analysis
#KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #training
I just started offering a subscription plan for the "Hands-On Kusto Query Language (KQL) for Security Analysts" course!
https://academy.bluraven.io/hands-on-kusto-query-language-kql-for-security-analysts
#KQL #Kusto #SIEM #MicrosoftSentinel #cybersecurity #training
#KQL Course Update and Anniversary Discount!
The "Hands-On Kusto Query Language (KQL) for Security Analysts" course has been updated with 5 new exercises focusing on aggregations to answer investigative questions, with more to come! The course now offers:
- Lots of examples in the lessons
- A total of 23 exercises
- 2 investigation scenarios
allowing you to enhance your skills in Kusto Query Language.
Last ~24 hours to get it 30% OFF!
https://academy.bluraven.io/hands-on-kusto-query-language-kql-for-security-analysts
#KQL #SecurityAnalysis #Training #ThreatHunting #IncidentResponse #MicrosoftSentinel #MicrosoftDefender #M365Defender #DFIR #DataAnalysis
20% OFF for "Hands-On Kusto Query Language (KQL) for Security Analysts" course!
The course just got a revamp, tailored specifically to meet the needs of analysts. It's now more accessible and offers lifetime access!
Use "ANALYST23" at the checkout as a holiday gift for 20% OFF!
(Expires 31.12.2023)
Don't worry, you can start your lab access period whenever you want!
https://academy.bluraven.io/hands-on-kusto-query-language-kql-for-security-analysts
π "Hands-On KQL for Security Analysts" Course is Now Live!
After months of dedicated work, fine-tuning, and anticipation, I am thrilled to invite you to begin your journey in mastering KQL. Whether you're a seasoned security analyst or aspiring to enhance your skills, this course is the gateway to elevating your expertise!
Ready to Begin?
Embark on your learning journey today. Click the link below to enroll and take the first step toward becoming a KQL expert!
https://academy.bluraven.io/hands-on-kusto-query-language-kql-for-security-analysts
#KQL #SecurityAnalysis #Training #ThreatHunting #IncidentResponse #MicrosoftSentinel #MicrosoftDefender #M365Defender #DFIR #DataAnalysis