this post was submitted on 14 Jun 2023

Blue Team


Blue Teamers are the first (and sometimes last) line of defense in the ongoing cyber war. This place is to chat out detection strategies, complain about SIEMs, compare SOAR playbooks, or post mean memes about the Red Team.


If we are going to build a good community, we need some content! Here's a new feature in Kusto I have found useful in Sentinel, making it easier to do geolocation lookups in queries: geo_info_from_ip_address.

If we all share a little trick or something we have recently learned now and then, this will be a useful community!
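An added example, not part of the original post: one way to use geo_info_from_ip_address() for detection, flagging successful sign-ins from a country a user has not signed in from during a baseline window. The datatable rows are constructed sample data shaped like Sentinel's SigninLogs table (an assumption), and the `SampleSignins`, `baselineEnd`, `Enriched` and `Baseline` names are hypothetical.

```kusto
// Constructed sample rows using SigninLogs column names (assumption).
// Replace SampleSignins with SigninLogs to run this against real data.
let SampleSignins = datatable(TimeGenerated:datetime, UserPrincipalName:string,
                              IPAddress:string, ResultType:string)
[
    datetime(2023-06-01 08:02:00), "alice@contoso.example", "20.53.203.50", "0",
    datetime(2023-06-05 09:15:00), "alice@contoso.example", "20.53.203.50", "0",
    datetime(2023-06-13 23:41:00), "alice@contoso.example", "8.8.8.8",      "0",
    datetime(2023-06-02 07:30:00), "bob@contoso.example",   "1.1.1.1",      "0",
    datetime(2023-06-13 07:45:00), "bob@contoso.example",   "1.1.1.1",      "0",
    datetime(2023-06-13 10:00:00), "bob@contoso.example",   "10.0.0.5",     "0",
    datetime(2023-06-13 11:20:00), "carol@contoso.example", "8.8.8.8",      "50126"
];
// Sign-ins before this point form each user's baseline of known countries.
let baselineEnd = datetime(2023-06-13);
let Enriched = SampleSignins
    | where ResultType == "0"                        // successful sign-ins only
    | extend Geo = geo_info_from_ip_address(IPAddress)
    | extend Country = tostring(Geo.country),
             City    = tostring(Geo.city)
    // Addresses without geolocation data (for example private ranges)
    // produce an empty country, so drop them instead of alerting on them.
    | where isnotempty(Country);
let Baseline = Enriched
    | where TimeGenerated < baselineEnd
    | distinct UserPrincipalName, Country;
Enriched
| where TimeGenerated >= baselineEnd
// leftanti keeps only user/country pairs that are absent from the baseline.
| join kind=leftanti Baseline on UserPrincipalName, Country
| summarize FirstSeen = min(TimeGenerated),
            SignIns   = count(),
            Cities    = make_set(City),
            IPs       = make_set(IPAddress)
    by UserPrincipalName, Country
| order by FirstSeen asc
```

A user with no sign-ins at all in the baseline window shows up with every country they use, so in practice the baseline period needs to be long enough to cover normal travel and VPN egress points.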
