I'm @LearningKijo, and my content will delve into three main topics: KQL, insightful out-of-the-box queries, and product & security research notes.
- LearningKijo/KQL
- LearningKijo/SecurityResearch-Note
- LearningKijo/ProductResearch-Note
- LearningKijo/MDEtester
- LearningKijo/ResearchDev
- July 31 2023, AiTM & BEC threat hunting with KQL
- November 6 2023, Advanced Hunting & Data visualization in Microsoft 365 Defender
- December 15 2023, Microsoft Security Insights Show Episode 182 - Kijo
# Kusto query language(KQL) - Advanced
# Python - intermediate
# PowerShell - intermediate
# API, RestAPI
# Cyberattack - APT29, AiTM, Ransomeware
# Microsoft Security solution <Defenders> against cyberattack
# Incident Response, Automation, Threat Hunting
# Malware analysis
- Statis analysis
- Dynamic analysis
# Experience
let MicrosoftProducts = datatable(id: int, value: string)
[
1, "Microsoft Defender for Endpoints",
2, "Microsoft Defender for Office 365",
3, "Microsoft Defender for Cloud Apps",
4, "Microsoft Defender for Identity",
5, "Microsoft 365 Defender",
6, "Microsoft Sentinel"
];
MicrosoftProducts
| project id, value
The views and opinions expressed herein are those of the author and do not necessarily reflect the views of company.