Cloud Data & Security

Specializing in API Integration, Cloud Solutions, and Cybersecurity.

About Me

With 12+ years of experience
✔️ Helping customers implement Cloud Security at scale, prima facie Microsoft Sentinel 🛡️ 🐱‍👤
✔️ Advocates Microsoft Security Education and awareness.
✔️ Love Building Open-Source ATOM Products.
📌 During my journey, I enjoy educating:
💡 FREE Udemy Course with 2K+ enrollments
💡 Presented in 30+ Cloud Security Events.
💡 10+ Articles with 10K+ reads.
📌 Love building atom products
🔼 PowerShell Module on Defender for IoT Raw Logs.
🔼 Enrich Sentinel with Twitter TI Feeds.
🔼 Latest IP Ranges from Azure | GCP | AWS for Microsoft Sentinel
Things that came along with the journey
⚡ #5 under top contributors for Microsoft Sentinel.
⚡ L5 Microsoft Sentinel Black Belt since 2022
📍 Been engaged in the design & development of applications in Azure, GCP. A veteran developer for .NET & SharePoint.

Write-Ups

Here is a list of my write-ups.

Monitor Microsoft Copilot for Security with Azure Workbooks

While working on setting up Microsoft Copilot for Security, I started analyzing the logs generated by the instance to gain a deeper understanding of the ecosystem. Eventually, I designed this workbook to gain better visibility into it.

  • To get an overall visibility on the Logins and Activities captured by various data sources.
  • Identify possible failures to address.
  • With the pre-defined queries, it is easy to start building a detection rule in less time.

Extend Copilot for Security for SOAR Playbooks

Extending Copilot for Security lets us do more with less, as utilizing the core pillars helps build a better foundation. The heart of it is an API-based plugin that calls a Logic App to carry out SOAR activities from Microsoft Copilot for Security. As with any other plugin, we can augment Copilot for Security with any SOAR capability by following this approach.

  • Automate and encapsulate SOC & SOAR Processes.
  • Maximize the number of prompts by reducing the SCU (Security Compute Unit) usage.
  • Utilize this to combine playbooks with multiple sources.
  • With Lighthouse enabled, it is even more powerful for building repeatable workflows.

Limit access to your Office 365 Apps to IP ranges with Named Locations

Most organizations moving from on-premises to Office 365 want to be conservative when it comes to the accessibility of Office 365 and the apps within.

  • We want our office files to be accessible only from our intranet.
  • We want our office files to be accessible only from our known VPN network.
  • We want our office files to be accessible from the intranet & other cloud platforms.

Videos

Get Smart with Data Ingestion & Retention

Unleashing MDAH

Enhance Ops Efficiency with C4S