I removed the sign up limit for my FREE "Introduction to KQL for Security Analysis" course. 👉academy.bluraven.io/intro-to… #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #training #DFIR #FREE

(FREE) Hands-On Introduction to KQL for Security Analysis 🚀 New seats are available! #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #training #dfir #incidentresponse academy.bluraven.io/intro-to…

🚀 Exciting News and a Giveaway! 🚀 Announcing my new course: Advanced Hands-On KQL for Threat Hunting and Detection Engineering! 🎓✨ This course is designed to take you from zero to master, equipping you with cutting-edge skills to stay ahead in the cybersecurity game. Here’s what you can expect: 🔍 Advanced Time Series Anomaly Detection: Discover methods you’ve never seen before. 🔗 Attack Path & Execution Chain Detection with Process Mining: A novel approach to threat detection. 🌐 Attack Pattern Detection Using Graph Semantics: Start thinking in graphs and revolutionize your detection and investigation skills. And now, the exciting part! 🎁 I’m giving away 1 FREE seat in the course! To enter: 1️⃣ Follow @BluRavenSec 2️⃣ Like and repost this post 3️⃣ Comment why you want to join academy.bluraven.io/advanced… #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #ThreatHunting #DetectionEngineering #training #dfir #incidentresponse

Hands-On Introduction to KQL for Security Analysis (FREE) New seats are available! #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #training #dfir #incidentresponse academy.bluraven.io/intro-to…

Time series visualization can help you better investigate a device. #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #training #dfir #incidentresponse

𝐓𝐢𝐦𝐞 𝐓𝐫𝐚𝐯𝐞𝐥𝐢𝐧𝐠 𝐢𝐧 𝐭𝐡𝐞 𝐋𝐨𝐠𝐬 Did you know you can time travel using #KQL and effortlessly use the 𝐧𝐨𝐰() and 𝐚𝐠𝐨() functions instead of manually typing timestamps everywhere? The 𝐪𝐮𝐞𝐫𝐲_𝐝𝐚𝐭𝐞𝐭𝐢𝐦𝐞𝐬𝐜𝐨𝐩𝐞_𝐜𝐨𝐥𝐮𝐦𝐧, 𝐪𝐮𝐞𝐫𝐲_𝐝𝐚𝐭𝐞𝐭𝐢𝐦𝐞𝐬𝐜𝐨𝐩𝐞_𝐭𝐨, and 𝐪𝐮𝐞𝐫𝐲_𝐧𝐨𝐰 commands make time travel possible, allowing hassle-free analysis. This capability is incredibly useful for SOC analysts, threat hunters, and detection engineers! 😎 Learn more: academy.bluraven.io/ #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #Defender #cybersecurity #KQLForSecurityAnalysts #training #dfir #incidentresponse

Fancy a weekend learning project? New seats are available for the "Introduction to KQL for Security Analysis" course! academy.bluraven.io/intro-to… #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #MicrosoftDefenderXDR #cybersecurity #KQLForSecurityAnalysts #training #dfir

𝐔𝐬𝐢𝐧𝐠 𝐕𝐢𝐬𝐮𝐚𝐥𝐢𝐳𝐚𝐭𝐢𝐨𝐧𝐬 𝐟𝐨𝐫 𝐑𝐞𝐩𝐨𝐫𝐭𝐢𝐧𝐠, 𝐓𝐫𝐢𝐚𝐠𝐞, 𝐚𝐧𝐝 𝐓𝐡𝐫𝐞𝐚𝐭 𝐇𝐮𝐧𝐭𝐢𝐧𝐠 Did you know you can visualize logs to identify malicious activities? While it may not be a scalable method, it's incredibly useful for triaging and investigating alerts. For instance, you can use geospatial clustering and aggregation to examine suspicious sign-in activities. Additionally, inverting charts can make rare/suspicious sign-in activities more visible. Learn how to master these techniques hands-on with real data in a hyper-realistic environment 👉 academy.bluraven.io/hands-on… #KQL #Kusto #SIEM #ThreatHunting #MicrosoftSentinel #MicrosoftDefender #Cybersecurity #KQLForSecurityAnalysts #Training #DFIR #IncidentResponse

😍Exciting News: Subscription plan for "Hands-On Kusto Query Language (KQL) for Security Analysts" course is now available! 🚀 🔥🔥 academy.bluraven.io/hands-on… #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #cybersecurity #KQLForSecurityAnalysts #training

🚀 FREE Hands-On KQL for Security Analysis Course is now available! 🚀 ✅ 50 seats bi-monthly ✅ Certificate of completion ✅ 14-day lab with real-world Microsoft Sentinel and Defender XDR logs 🔥🔥 Enroll for FREE 👇 academy.bluraven.io/intro-to… #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #training

📣 Big Update! My course prices now include VAT, and I did it without raising the current prices! Enjoy the same great content with no hidden costs! 👉 academy.bluraven.io/ #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #Training

💪 10x your alert triage and investigation skills! I've been adding new content to my "Hands-On Kusto Query Language (KQL) for Security Analysts" course that enables SOC analysts with fast triage capabilities using #KQL. More details soon! 👉 academy.bluraven.io/hands-on… #KQL #Kusto #SIEM #MicrosoftSentinel #MicrosoftDefender #Defender #cybersecurity #KQLForSecurityAnalysts #training

Part 3 of breaking down my "𝐇𝐚𝐧𝐝𝐬-𝐎𝐧 𝐊𝐮𝐬𝐭𝐨 𝐐𝐮𝐞𝐫𝐲 𝐋𝐚𝐧𝐠𝐮𝐚𝐠𝐞 (𝐊𝐐𝐋) 𝐟𝐨𝐫 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐀𝐧𝐚𝐥𝐲𝐬𝐭𝐬" course👇 𝐒𝐞𝐚𝐫𝐜𝐡𝐢𝐧𝐠 𝐚𝐧𝐝 𝐅𝐢𝐥𝐭𝐞𝐫𝐢𝐧𝐠 𝐃𝐚𝐭𝐚 In this section, we'll focus on the basics of searching and filtering data in KQL. ✅ We'll learn about the 𝐬𝐞𝐚𝐫𝐜𝐡 operator to help us quickly locate data and the 𝐰𝐡𝐞𝐫𝐞 operator to filter results based on specific conditions (𝐬𝐞𝐚𝐫𝐜𝐡 is an awesome operator if you know how to use it effectively). ✅ We'll learn scalar operators that are commonly used with the 𝐰𝐡𝐞𝐫𝐞 operator for security analysis (do you know the difference between 𝐡𝐚𝐬 and 𝐜𝐨𝐧𝐭𝐚𝐢𝐧𝐬 operators and why you should prefer the 𝐡𝐚𝐬 operator?). ✅ Also, we'll learn how to work with IP addresses, file paths, and regular expressions effectively. By the end, we'll have a good grasp on how to find and narrow down the data we're looking for! academy.bluraven.io/hands-on… #KQL #SIEM #MSsentinel #MicrosoftDefender #XDR #Defender #cybersecurity #KQLForSecurityAnalysts #training

Part 2 of breaking down my "Hands-On Kusto Query Language (KQL) for Security Analysts" course👇 #KQL Fundamentals and Exploring Data In this section, I explain the foundational concepts of the Kusto Query Language. I kick off with an introduction to KQL statements, followed by an exploration of the pivotal role of the pipe in KQL, which allows for sequential data processing. Subsequently, we'll examine the structure of KQL queries and familiarize ourselves with the various data types in KQL (Tip: the integers you see in the query results may not be integers). When we just start using data, many of us don't know the structure of the logs (where information is stored and how). Therefore, we'll wrap up by introducing basic techniques for familiarizing ourselves with the data. If you don't know your data source, how are you going to leverage it? By the end of this section, you will have a solid grasp of the basic components of KQL, setting the stage for efficient searching and filtering querying techniques. academy.bluraven.io/hands-on… #KQL #SIEM #MSsentinel #Defender #cybersecurity #KQLForSecurityAnalysts #training

In the coming days, I'll be breaking down my "Hands-On Kusto Query Language (KQL) for Security Analysts" course section by section to provide some details and answer potential questions. 👇 First up: Introduction to Databases and Logging. This section is perfect for those who are new to SIEM/XDR products like MS Sentinel and Defender. It covers what a columnar storage-based database is, its importance for analysis, how logs are stored and indexed, and why these products are like a massive Excel worksheet. academy.bluraven.io/hands-on… #KQL #SIEM #MSsentinel #Defender #cybersecurity #KQLForSecurityAnalysts #training