YellowHat Conference: Deep Dive into Microsoft Security Products

🛡️ If you work with any Microsoft Security product, #YellowHat is THE conference for you – technical deep dives, no marketing, and an amazing speaker lineup.

Register today to join the livestream for free on https://yellowhat.live/

Learn about #XDR, #MDE, #MDI, #Sentinel, and more @ YellowHat.

Practice Verified Codes and Commands:

1. Microsoft Defender for Endpoint (MDE) – Check Device Status:

    Get-MpComputerStatus

2. Microsoft Sentinel – List Active Alerts:

    Get-AzSentinelAlertRule -ResourceGroupName "YourResourceGroup" -WorkspaceName "YourWorkspaceName"

3. Microsoft Defender for Identity (MDI) – Check Sensor Status:

    Get-AATPHealthStatus

4. Extended Detection and Response (XDR) – Query Threat Intelligence:

    Get-ThreatIntelligenceIndicator -Filter "NetworkDestinationIP eq '192.168.1.1'"

5. Azure Sentinel – Run a Hunting Query:

[kql]
SecurityEvent
| where EventID == 4625
| summarize count() by Account
[/kql]
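
The hunting query in item 5 counts failed logons (Event ID 4625) per account across the whole table. As an added example that is not part of the original post, the version below bounds the time range and groups by source IP so that many-account and single-account failure patterns can be told apart. It assumes a workspace that collects Windows Security events into `SecurityEvent`; the lookback, window and threshold values are assumptions to tune.

```kql
// Added example: failed-logon hunting over SecurityEvent (Event ID 4625).
// lookback, window and both thresholds are assumed values, not recommendations.
let lookback = 1d;
let window = 10m;
let minFailures = 20;     // failures per source IP per window worth a look (assumed)
let sprayAccounts = 10;   // distinct accounts per source IP per window (assumed)
SecurityEvent
| where TimeGenerated > ago(lookback)
| where EventID == 4625
// Keep only events that carry a source address; local failures log "-" or nothing.
| where isnotempty(IpAddress) and IpAddress != "-"
| summarize
    Failures = count(),
    DistinctAccounts = dcount(Account),
    Accounts = make_set(Account, 25),
    Computers = make_set(Computer, 25),
    LogonTypes = make_set(LogonType)
    by IpAddress, bin(TimeGenerated, window)
| where Failures >= minFailures or DistinctAccounts >= sprayAccounts
// Label the shape of the activity so triage can start from the pattern.
| extend Pattern = case(
    DistinctAccounts >= sprayAccounts, "many accounts from one source (spray-like)",
    DistinctAccounts == 1, "single account (brute-force-like)",
    "mixed")
| project TimeGenerated, IpAddress, Pattern, Failures, DistinctAccounts,
          Accounts, Computers, LogonTypes
| order by Failures desc
```

Because rows without a source address are filtered out, failures from local or service logons need a separate pass grouped by `Computer` and `Account`.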

What Undercode Say:

The YellowHat conference is a must-attend event for professionals working with Microsoft Security products. It offers a unique opportunity to gain in-depth technical knowledge without the usual marketing fluff. The event covers a wide range of topics including XDR, MDE, MDI, and Sentinel, which are crucial for modern cybersecurity strategies.

In the realm of cybersecurity, practical knowledge is paramount. Here are some additional commands and practices that can enhance your security posture: