Mehmet Ergene
cyb3rmonk.bsky.social
https://academy.bluraven.io

Threat Hunting & Research, Detection Engineering | Microsoft Security MVP
#KQL #DFIR #DataScience

All is one.

Opinions are my own


http://posts.bluraven.io
https://github.com/Cyb3r-Monk/Threat-Hunting-and-Detection
🚨 Test your Lateral Movement investigation skills!

We have just added a new challenge to our FREE "Hands-On Introduction to KQL for Security Analysis" course!

You can even test your AI agents' skills 😉

#KQL #Kusto #MicrosoftSentinel #MicrosoftDefender

academy.bluraven.io/course/intro...
April 19, 2025 at 3:49 PM
🎁 NEW UPDATE:

I've added a small challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course.

More will be coming soon!

#KQL #Kusto #MicrosoftDefender #MicrosoftSentinel
academy.bluraven.io/course/intro...
April 17, 2025 at 3:31 PM
🚨 Problem with Cyber Range/Training platforms ❓

Most range platforms and training labs provide you with all the questions to solve, hinting at answers to other questions.

I've implemented a trick to hide some questions that reveal hints for other questions for a real-life experience.

Stay tuned.👀
April 2, 2025 at 2:26 PM
🥲 Seems like you don't even have to use residential proxies for device code phishing for evasion. Just get a machine in one of the cloud providers' corresponding regions. 🤷‍♂️
February 15, 2025 at 3:15 PM
💙Fall in Love with Threat Hunting, Incident Response, and Detection Engineering using #KQL💙
Code: VLTN30
Valid until 17.02

#ThreatHunting
academy.bluraven.io
February 15, 2025 at 2:27 PM
🚨 Time to check your detection queries for MDE:

DLL load events are recorded in the DeviceImageLoadEvents table, NOT the DeviceEvents table. I keep seeing people sharing queries with the wrong table and even with the wrong ActionType filters.
February 8, 2025 at 11:51 AM
Incoming blog
November 30, 2024 at 6:40 PM
🥲
November 21, 2024 at 1:47 PM
November 15, 2024 at 2:55 PM