Toggle navigation
Anything About IT
All Posts
ARCHIVE
ABOUT
Anything About IT
Learning, Building, Sharing
How to Configure Splunk to pull Windows Defender ATP alerts
Windows Defender ATP provides SIEM integration, allowing you to pull alerts from Windows Defender ATP Security Center into Splunk.
Posted by Alex Verboon on Thursday, March 28, 2019
Anything About IT
LAST POSTS
Exploring IdentityAccountInfo - Building a KQL Query to Assess Identity Password Security Posture
Modern Security for Legacy Systems
Defender for Identity - Automatic Windows Event Auditing Configuration
Collect Microsoft Entra Connect Sync Audit Events
Shedding Light on Dormant Sensitive Accounts