DiscoverRunAs RadioQuerying for Breaches with Mark Morowcyznski
Querying for Breaches with Mark Morowcyznski

Querying for Breaches with Mark Morowcyznski

Update: 2025-01-29
Share

Description

Do you Kusto? Richard talks to Mark Morowczynski about his new book, The Definitive Guide to KQL, and the power of Kusto to look across your Azure tenant and understand operational and security issues. Mark talks about being able to query across all log sets, telemetry, the M365 graph, and more - to help understand issues. The book provides example queries you could run today, including knowing the first and last time a user logged on and what devices they used. There are examples of calculating baseline behavior for an account so that you can see when unusual activity starts. There are a ton of excellent queries for operational excellence and cybersecurity - get started today! And for RunAs listeners, you can use code KUSTO to get 30% off the book!

Links

Recorded December 19, 2024

Comments 
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
In Channel
Writing Better PowerShell with Jeff Hicks

Writing Better PowerShell with Jeff Hicks

2025-03-2636:37

Managing AI Costs with Sonia Cuff

Managing AI Costs with Sonia Cuff

2025-03-1937:28

Strong Certificate Mapping in Active Directory with Richard Hicks

Strong Certificate Mapping in Active Directory with Richard Hicks

2025-03-1239:33

Secure by Design with Karinne Bessette

Secure by Design with Karinne Bessette

2025-03-0540:04

Exchange Server in 2025 with Michel de Rooij

Exchange Server in 2025 with Michel de Rooij

2025-02-2631:42

Managed DevOps Pools with Eliza Tarasila

Managed DevOps Pools with Eliza Tarasila

2025-02-1932:19

Upgrading to Windows Server 2025 with Robert Smit

Upgrading to Windows Server 2025 with Robert Smit

2025-02-1237:51

Microsoft Entra ID Protection with Corissa Koopmans

Microsoft Entra ID Protection with Corissa Koopmans

2025-02-0538:20

Querying for Breaches with Mark Morowcyznski

Querying for Breaches with Mark Morowcyznski

2025-01-2934:07

SQL 2025 and Fabric SQL with Anna Hoffman

SQL 2025 and Fabric SQL with Anna Hoffman

2025-01-2234:11

DevOpsDocs with Mattias Karlsson

DevOpsDocs with Mattias Karlsson

2025-01-1536:15

Least Privilege in 2025 with Bailey Bercik

Least Privilege in 2025 with Bailey Bercik

2025-01-0839:05

Being a SysAdmin in 2025

Being a SysAdmin in 2025

2025-01-0132:47

A Very Windows Christmas with Paul Thurrott

A Very Windows Christmas with Paul Thurrott

2024-12-2538:02

Real-Time Intelligence in Microsoft Fabric with Yitzhak Kesselman

Real-Time Intelligence in Microsoft Fabric with Yitzhak Kesselman

2024-12-1836:57

M365 Copilot in Government with Angela Dugan

M365 Copilot in Government with Angela Dugan

2024-12-1135:22

A SysAdmin Christmas with Rick Claus and Joey Snow

A SysAdmin Christmas with Rick Claus and Joey Snow

2024-12-0438:23

Incident Response with Mandi Walls

Incident Response with Mandi Walls

2024-11-2736:01

Testing Databases with Dan Mallott

Testing Databases with Dan Mallott

2024-11-2034:27

SQL Server Management Studio with Erin Stellato

SQL Server Management Studio with Erin Stellato

2024-11-1342:23

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Querying for Breaches with Mark Morowcyznski

Querying for Breaches with Mark Morowcyznski

Mark Morowczynski, Richard Campbell