ᴍɪᴄʜᴀʟɪs ᴍɪᴄʜᴀʟᴏs
@Cyb3rMik3
Followers
4K
Following
17K
Statuses
10K
SecOps, DFIR & CTI 🛡 | Microsoft Security #MVP, #KQL Threat Hunting 🏹 | Father 👭/Hasbund 👫/🍷&⌚️ enthousiast/Explorer ✈️ | Views my own.
Greece
Joined February 2008
🚀 I honestly wasn't expecting these news today but, I am incredibly honored I got accepted in Microsoft's MVP (Most Valuable Professional 🏆) program for SIEM & XDR! 🎉 I feel extremely lucky being part of a dynamic community of cybersecurity professionals from all around the 🌍 Onwards and upwards! 😎 #MVPBuzz #MicrosoftMVP #MicrosoftSecurity #MicrosoftXDR #MicrosoftSentinel
12
8
116
@DylanInfosec I think this is one of the tables I love joining with many others for hunting. I am confident that should have lot's of goodies! :)
0
0
2
📢 𝐒𝐢𝐠𝐧𝐢𝐟𝐢𝐜𝐚𝐧𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐨𝐧 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐟𝐨𝐫 𝐓𝐡𝐫𝐞𝐚𝐭 𝐈𝐧𝐭𝐞𝐥𝐥𝐢𝐠𝐞𝐧𝐜𝐞! Over the past days a few updates surfaced about MDTI⤵️ 1️⃣ 𝐓𝐡𝐫𝐞𝐚𝐭 𝐈𝐧𝐭𝐞𝐥𝐥𝐢𝐠𝐞𝐧𝐜𝐞 𝐢𝐧𝐠𝐞𝐬𝐭𝐢𝐨𝐧 𝐨𝐩𝐭𝐢𝐦𝐢𝐳𝐚𝐭𝐢𝐨𝐧 Optimize threat intelligence feeds by filtering and enhancing objects before they're delivered to your workspace. Ingestion rules update attributes, or filter objects out all together. 🔗 More info: 2️⃣ 𝐔𝐬𝐞 𝐦𝐚𝐭𝐜𝐡𝐢𝐧𝐠 𝐚𝐧𝐚𝐥𝐲𝐭𝐢𝐜𝐬 𝐭𝐨 𝐝𝐞𝐭𝐞𝐜𝐭 𝐭𝐡𝐫𝐞𝐚𝐭𝐬 This built-in rule in Microsoft Sentinel matches indicators with Common Event Format (CEF) logs, Windows DNS events with domain and IPv4 threat indicators, syslog data, and more. 🔗 More info: #MicrosoftSecurity #MicrosoftSentinel #MicrosoftDefender #CyberThreatIntelligence #ThreatIntelligence #ThreatIntel #CTI #TI
1
9
32
RT @maarten_goet: 𝐖𝐡𝐚𝐭 𝐚 𝐥𝐢𝐧𝐞-𝐮𝐩! Get your hardhat on and join us 𝘭𝘪𝘷𝘦 on March 6th: #Yellowhat
0
2
0
Proud of you man! LFG! 💪
What an incredible way to kick off February! I’m thrilled to share some exciting news, after three years, I’m honored to rejoin the #MicrosoftMVP Program, this time as an #Azure Hybrid & Migration #MVPBuzz! 🎉 Looking forward to what’s next 🚀☁️🤘
0
0
5
That's a 25 year old song. TWENTY-FIVE! How time flies...
1
0
2
RT @SANSEMEA: 📊 Big events like elections and the Olympics bring unique cyber challenges—espionage, sabotage, and disinformation are on the…
0
2
0
It was an honor to have you, @DylanInfosec!
Well... that was an experience, I thought I prepared for everything. Not Teams failing, dug out an old laptop. Very big thanks to @Cyb3rMik3 for inviting me on and to anyone able to stick around and listen, thank you for your patience. I hope you were able to learn something new
0
1
5
It's here! Time to play...
📢 New feature available! Introducing a unified, security-focused case management system! The new case management service is now available in Public Preview within the Unified SecOps portal. Case management provides an introductory set of features that will be the foundation for future capabilities. With this new service you can: • Create and track your SecOps related cases in one place with the new cases page • Define your own workflow by configuring custom status values • Improve collaboration, quality, and accountability by assigning tasks and due dates. • Handle escalations and complex cases by linking multiple incidents to a case. • Manage access to your cases using RBAC 🔗 More: #Microsoft #MicrosoftSecurity #MicrosoftSentinel #MicrosoftDefender #UnifiedSecOps #CaseManagement
0
0
6
RT @alexverboon: Join us for the upcoming #KQLCafe session on January 28, 2025, featuring guest speaker Ian Hanley Register now: https://t…
0
5
0
📢 New feature available! Introducing a unified, security-focused case management system! The new case management service is now available in Public Preview within the Unified SecOps portal. Case management provides an introductory set of features that will be the foundation for future capabilities. With this new service you can: • Create and track your SecOps related cases in one place with the new cases page • Define your own workflow by configuring custom status values • Improve collaboration, quality, and accountability by assigning tasks and due dates. • Handle escalations and complex cases by linking multiple incidents to a case. • Manage access to your cases using RBAC 🔗 More: #Microsoft #MicrosoftSecurity #MicrosoftSentinel #MicrosoftDefender #UnifiedSecOps #CaseManagement
1
2
8
We finally made it! We are online with @DylanInfosec, join us talking about #MicrosoftDefender for Endpoint and Deception technologies!
📢 Don't miss @DylanInfosec tomorrow talking about deception with MDE! The Greek Microsoft Security Community is thrilled to host its 3rd meetup tomorrow, featuring an exciting discussion with Dylan. ℹ️ More info on how to join ⤵️
0
1
4
RT @mariamou_7: 🚀 Global Azure Greece 2025 is coming! 🌍 We’re excited to announce it’ll take place in person on May 10, 2025! 🎉 🎤 Call fo…
0
8
0
Hear me out, Microsoft nerds! I have been contemplating with a realization. If you haven't gone through @ateixei "The dotted lines between Threat Hunting and Detection Engineering", then you are missing by a lot a foundational source of how both disciplines work. Having said that, most of us have been working with Advanced Hunting tables from Exposure Management, and MDVM. While there are some detection and hunting opportunities, I feel there's much more space for building queries destined for remediations for vulnerabilities, misconfigurations, ommissions etc. Hence, is it safe to say we have a third discipline which refers to something like "detexposure engineering"? I mean, these analytics won't lead to isolations, or investigations but probably will require removing permissions, vulnerable certificates, remediate attacks paths etc. What are your thoughts in this? (Find below @ateixei article mentioned above)
1
8
35
📢 Don't miss @DylanInfosec tomorrow talking about deception with MDE! The Greek Microsoft Security Community is thrilled to host its 3rd meetup tomorrow, featuring an exciting discussion with Dylan. ℹ️ More info on how to join ⤵️
0
1
11
You can't build maps in the queries but: - You can build visualizations in Workbooks. - You can also connect your Sentinel in ADX and run queries there where map visualizations are available. Check the following guide, it is not the same scenario but it will help you connect ADX to Sentinel
0
0
0