End-to-End Configuring a RHEL 8 Common Event Format Forwarder for Sentinel

Update 2021-01-13 9:15 AM CST: Added additional resources at the end of the article.

Azure Sentinel is Microsoft's cloud-native SIEM/SOAR. While being cloud-native means that there is little to no configuration required to ingest a variety of log sources, such as Azure AD, Azure Activity Logs, and AWS logs, customers also have a need to …

Defaulting Azure Virtual Network Peering from Allowing to Denying Traffic

I thought about making the title of this blog post "Creating a uni-directional Azure Virtual Network Peering," but it would have been a bit too click-baity. Still, conceptually, what I am describing in this post is along those lines.

Virtual Network Peering and the VirtualNetwork Service Tag

When two Virtual Networks (VNets) are peered, the …

Check your Windows OS for Spectre and Meltdown vulnerability with PowerShell

Microsoft has released a PowerShell module to check your device and operating system for the Spectre and Meltdown vulnerabilities. This PowerShell module is easy to install from an elevated PowerShell window: You may need to approve the installation of the NuGet provider if you haven't previously installed modules from NuGet. You will likely also get …
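The excerpt above does not name the module or show the install command. The following is an added example, not code from the original post: it assumes the post refers to Microsoft's SpeculationControl module (the one Microsoft published on the PowerShell Gallery for exactly this check), installs it from an elevated window, handles the NuGet provider and execution policy prompts non-interactively, and interprets the two properties that matter most.

```powershell
# Added example (not from the original post). Assumes the post's module is
# Microsoft's SpeculationControl module from the PowerShell Gallery.
# Run from an elevated (Run as administrator) PowerShell window.

# Remember the current execution policy so it can be restored afterwards;
# the module's script is blocked under a Restricted policy.
$savedPolicy = Get-ExecutionPolicy -Scope CurrentUser
Set-ExecutionPolicy RemoteSigned -Scope CurrentUser -Force

try {
    # Bootstrap the NuGet package provider first; this is the prompt the post
    # mentions when no module has been installed from the Gallery before.
    Install-PackageProvider -Name NuGet -MinimumVersion 2.8.5.201 -Force | Out-Null

    # -Force also suppresses the "untrusted repository" confirmation for PSGallery.
    Install-Module -Name SpeculationControl -Scope CurrentUser -Force
    Import-Module SpeculationControl

    # Returns an object whose boolean properties describe hardware support
    # (microcode / CPU features) and whether the OS mitigation is enabled.
    $result = Get-SpeculationControlSettings

    # Full detail, as the module prints it.
    $result | Format-List

    # A short verdict for scripting or fleet checks.
    # BTI = branch target injection (Spectre variant 2, CVE-2017-5715).
    if (-not $result.BTIHardwarePresent) {
        Write-Warning "CPU microcode for Spectre variant 2 (BTI) mitigation is not present; firmware/microcode update needed"
    }
    elseif (-not $result.BTIWindowsSupportEnabled) {
        Write-Warning "Spectre variant 2 (BTI) OS mitigation is present but not enabled"
    }

    # KVA shadow = kernel virtual address shadowing (Meltdown, CVE-2017-5754).
    # KVAShadowRequired is false on CPUs that are not vulnerable to Meltdown,
    # so do not flag those as missing the mitigation.
    if ($result.KVAShadowRequired -and -not $result.KVAShadowWindowsSupportEnabled) {
        Write-Warning "Meltdown (KVA shadow) OS mitigation is required but not enabled"
    }
}
finally {
    # Restore whatever execution policy was in place before the check.
    Set-ExecutionPolicy $savedPolicy -Scope CurrentUser -Force
}
```

The two warnings distinguish the cases a practitioner actually has to act on: a missing `BTIHardwarePresent` means a firmware or microcode update from the OEM, whereas a present-but-disabled mitigation means the OS-side registry settings or update are missing. Checking `KVAShadowRequired` avoids a false alarm on processors that do not need the Meltdown mitigation.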