Azure Sentinel Introduction

in Azure, Azure Sentinel by Jan-Henrik Damaschke
1.7k words · 10 min to read

Azure Sentinel is Microsoft’s security information and event management (SIEM) and security orchestration, automation and response (SOAR) offering for modern SecOps. Now with the announced General Availability of Azure Sentinel, we will take a look at the current features, what changed from the preview, and where there is still room for improvement.

This Post is Azure CloudShell compatible


Process low level NtSecurityDescriptor

in Security by Jan-Henrik Damaschke
1.9k words · 11 min to read

The SECURITY_DESCRIPTOR structure stores security-related attributes of an object. It determines who can access the object and which additional permissions are assigned. Because you are sometimes confronted with the “raw” NtSecurityDescriptor, e.g. in Active Directory related scenarios, I tried to give an overview of all parts of it.


IT Insights Blog

Knowledge Delivered