Cloud Data & Security

🎤 Speaker | ✍️ Author | 🏆 Microsoft MVP [Security] | 🎓 MCT

Explore My Work

About Me

With Over 12 Years of Experience:

🐱‍👤 CLOUD SECURITY EXPERT: Specializing in scalable implementations, primarily with Microsoft Sentinel.

🛡️ SECURITY ADVOCATE: Promoting Microsoft Security education and awareness.

✔️ OPEN-SOURCE ENTHUSIAST: Passionate about building ATOM Products.

📌 Educator and Mentor:

💡 Free Udemy Course: Over 3K+ enrollments.

💡 Event Speaker: Presented at 30+ Cloud Security Events.

💡 Published Author: 10+ Articles with 10K+ reads.

📌 Innovative Developer:

🔼 PowerShell Modules: Created for Defender for IoT Raw Logs.

🔼 Twitter TI Feeds: Enhancing Sentinel with live threat intelligence.

🔼 IP Ranges Updates: Latest from Azure, GCP, AWS for Microsoft Sentinel.

Achievements Along the Way:

⚡ Top Contributor: Ranked #6 for Microsoft Sentinel contributions.

⚡ Black Belt Expertise: L5 Microsoft Sentinel Black Belt since 2022.

📍 Tech Savvy:

Engaged in designing and developing applications on Azure and GCP.

📍 Seasoned Developer:

Extensive experience with .NET & SharePoint.

Articles

Here is a list of my write-ups.

Monitor Microsoft Copilot for Security with Azure Workbooks

While working on setting up Microsoft Copilot for Security, I started analyzing the logs generated by the instance to gain a deeper understanding of the ecosystem. Eventually, I designed this workbook to gain better and better visibility into it.

  • To get an overall visibility on the Logins and Activities captured by various data sources.
  • Identify possible failures to address.
  • With the pre-defined queries, it is easy to start building a detection rule in less time.
Learn More...

Extend Copilot for Security for SOAR Playbooks

Extending Copilot for Security lets us do more with less, as utilizing the core pillars helps build a better foundation. This API-based plugin, which calls a logic app to carry out SOAR activities from Microsoft Copilot for Security, is the heart of it. As with any other plugin, we can augment Copilot for Security with any SOAR capability by following this approach.

  • Automate and encapsulate SOC & SOAR Processes.
  • Maximize the number of prompts by reducing the SCU (Security Compute Unit) usage.
  • Utilize this to combine playbooks with multiple sources.
  • With Lighthouse enabled, it is even more powerful for making repeatable workflows.
Learn More...

Limit access to your Office 365 Apps for IP ranges with Named Locations

Most organizations moving from on-premises to Office 365 want to be conservative about the accessibility of Office 365 and the apps within it.

  • We want our office files to be accessible only from our intranet.
  • We want our office files to be accessible only from our known VPN networks.
  • We want our office files to be accessible from the intranet & other cloud platforms.
Learn More

Videos

Get Smart with Data Ingestion & Retention

Unleashing MDAH

Enhance Ops Efficiency with C4S