Posts

Showing posts with the label Livestream

Threat Hunting with Azure Sentinel

Manage Azure Sentinel Threat-Hunting Queries

To efficiently find and isolate security threats and unwanted activities in Contoso's environment, you can use Azure Sentinel, which contains powerful query tools.

Hunt by using built-in queries

Search and query tools can be used in Azure Sentinel to hunt for security threats and tactics throughout your environment. The Hunting page in Azure Sentinel provides built-in queries that guide your hunting process and help you pursue the appropriate hunting paths to uncover issues in your environment. Hunting queries also expose issues that aren't significant enough on their own to generate an alert but have happened often enough over time to warrant investigation.

The Hunting page also lists all hunting queries. You can save a query by selecting the Favorites star icon for that query in the list.

Tip: When a query is selected as a favorite, it runs automatically each time ...