Martin is a Security Operations Centre Team Leader working in the N4Stack Security Operations Centre (SOC). His job involves designing and deploying security solutions for customers, responding to security incidents, and investigating new technologies and techniques to protect users, networks and data from the bad guys.
Nothing gets him out of bed in the morning like writing scripts and queries to discover interesting attacks and anomalies in log files! When he's allowed out of the SOC, Martin enjoys going for walks in the countryside with his wife. He also loves good coffee and can often be found in the coffee shop around the corner from the office discussing coffee beans.
Like what you see? Visit Martin's personal blog here.
Carrying on my series of posts around Azure Sentinel, I wanted to see if I could use it to process logs from a honeypot and produce useful information. Eventually this could be extended to provide additional context to alerts and even to train ML models within Sentinel....
I've recently started using Azure Sentinel and exploring some of its capabilities. There are currently about 40 built-in data connectors that take logs from different services and products. I decided to see if I could add integrations with some...