Microsoft Sentinel ASIM Parser demystified
Workplace Ninja's Blog
by Thomas Kurth
2w ago
In the realm of cybersecurity, the ability to efficiently parse and analyze vast amounts of data is crucial. Microsoft Sentinel offers a powerful solution for this purpose. One of its key features is the ASIM (Advanced Security Information Model) parser, which plays a significant role in data normalization and enrichment. But when reading the docs, and especially when you would like to write your own parser, it looks complicated. That's why I created this blog and show how to create your custom ASIM parser. Table of Contents Understanding the ASIM Parser Model In the documentation we can f ..read more
Enhancing Network Security Insights with IDS/IPS of Ubiquiti Dream Machine Pro and Microsoft Sentinel
Workplace Ninja's Blog
by Thomas Kurth
1M ago
In my previous post, I explored the basics of integrating Ubiquiti Dream Machine Pro logs with Microsoft Sentinel, setting the stage for advanced network monitoring and security analysis. Today, we’re taking a significant leap forward by incorporating the threat detection capabilities of the device, which is using Suricata, an open-source network threat detection tool. This extension is enabled as soon as IDS or IPS is enabled in the Unifi Admin interface. But sadly, Ubiquiti is not forwarding the detections to syslog by default. Setting the Stage for Threat Detection Suricata offers a robust ..read more
Ubiquiti Dream Machine Pro Logs to Microsoft Sentinel
Workplace Ninja's Blog
by Thomas Kurth
2M ago
Many IT geeks may have a Ubiquiti Dream Machine Pro at home to manage and protect their network. It’s a perfect device to build test networks and has some cool options, like an Azure Site to Site VPN tunnel. But can I also leverage the logs in Microsoft Sentinel? There is an available Solution in the Content Hub with a few Analytic rules, a Data Connector and even a Parser. After installing the Solution I checked the Connector and it is by default leveraging the Linux or Windows Log Analytics Agent. I don’t like this approach as I would like to leverage the Logstash engine ..read more
Summit 2023 – Sponsor Presentations
Workplace Ninja's Blog
by Frans Oudendorp
5M ago
Below are the 6 Sponsor Presentations that were presented at the Workplace Ninja Summit 2023 in Baden. The following Sponsors have presented – Rimo3, ControlUp, Recast Software, Liquit, Base Vision and Adaptiva. The post Summit 2023 – Sponsor Presentations appeared first on Workplace Ninja's ..read more
Summit 2023 – Community Stage Presentations
Workplace Ninja's Blog
by Frans Oudendorp
5M ago
The Workplace Ninja Summit 2023 was a great event that brought together experts and enthusiasts of workplace management and security. Among the many sessions that were offered, four of them focused on the topic of passwordless authentication and how to leverage Microsoft Graph and Azure to achieve it. Below are the Community Stage sessions: Niklas Tinner – baseVISION: Intune Change Tracking Azure Workbook; Sander Rozemuller – Exite ICT: Zero Trust Emergency Access: A Multi-Layered, Passwordless Solution; Martin Kupka – Partners Group AG: MS Graph and REST API for Effective Intune Automation; Gu ..read more
Summit 2023 – Defender for Identity and Attack disruption with Daniel Naim and Eran Nachshon
Workplace Ninja's Blog
by Frans Oudendorp
5M ago
Are you interested in learning more about how Microsoft Defender for Identity can help you protect your organization from advanced attacks? Do you want to hear from experts who have implemented this solution and can share their insights and best practices? If so, you don’t want to miss the latest episode of the Workplace Ninja Summit 2023 Podcast! In this episode, we (Alex Benoit and Frans Oudendorp) have an exclusive interview with Daniel Naim and Eran Nachshon, two senior security engineers at Microsoft who work on Defender for Identity. They joined us at the Workp ..read more
Summit 2023 – AI and the Modern Workplace with Merlin from Belgium
Workplace Ninja's Blog
by Frans Oudendorp
6M ago
Are you interested in learning more about artificial intelligence and the modern workplace? If so, you don’t want to miss the latest episode of the Workplace Ninja Summit podcast, where we interviewed Merlijn van Waeyenberghe, a consultant at OB-V-US and an expert in Microsoft Endpoint Manager, PowerShell, Python, and AI. Merlijn shared his insights on how AI is transforming the way we work, communicate, and collaborate. He also talked about some of the challenges and opportunities that AI brings to the IT professionals and end users. He gave us some examples of how he uses AI in h ..read more
Summit 2023 – Community within Microsoft with Lior Bela, Bethany Foyt and Shravana Mukherjee
Workplace Ninja's Blog
by Frans Oudendorp
6M ago
In this episode of the Workplace Ninja Summit Podcast, we had the pleasure of talking to three Microsoft experts, Lior Bela, Bethany Foyt and Shravana Mukherjee, who shared their insights and experiences on how Microsoft supports and empowers the community of IT professionals and enthusiasts. We talked with them about the community and events like Workplace Ninja Summit, but also the resources and opportunities that Microsoft provides to the community, such as websites, blogs, podcasts, events, forums, certifications, awards, and more. We hope you enjoy this informative ..read more
Summit 2023 – Windows Autopatch with John Vintzel, Ken Goossens and Aria Carley
Workplace Ninja's Blog
by Frans Oudendorp
6M ago
We are back with another episode of the Workplace Ninja Summit Podcast, where we bring you the insights and experiences of the speakers and organizers of the Workplace Ninja Summit 2023. In this episode, we had the pleasure of interviewing Aria Carley, John Vintzel and Ken Goossens, who presented sessions on Windows Autopatch and Update management within Intune at the summit. They shared their tips and best practices on how to keep your Windows devices up to date and secure using Intune. We discussed topics such as Autopatch, Update management and the deployment of Window ..read more
Summit 2023 – Attack Surface Reduction Rules with Kim Heyrmans and Kenny Buntinx
Workplace Ninja's Blog
by Frans Oudendorp
6M ago
Hello, ninjas! Welcome to the next episode of the Workplace Ninja Summit 2023 Podcast, where we bring you the latest insights and best practices from the experts in the field of modern workplace management. In this episode, we have a special treat for you: an interview with Kenny Buntinx and Kim Heyrmans, two of the speakers at the Workplace Ninja Summit 2023 in Baden, Switzerland. Kenny and Kim are both working at Ob-v-us, a leading cloud and digital transformation company in Belgium. They have extensive experience in designing, implementing and managing Microsoft Endpoint Ma ..read more