

Deploying OCSF to Microsoft Sentinel: A Step-by-Step Implementation Guide (Part 2 of 2)
In **Part 1**, we covered what **OCSF** is and why it solves critical problems for **Microsoft Sentinel** deployments. This post walks through the technical implementation: creating custom tables for OCSF event classes, configuring **Data Collection Rules (DCR)** to transform log
William Clarkson-Antill
May 8 · 4 min read


Understanding OCSF: The Universal Translator for Security Data in Microsoft Sentinel (Part 1 of 2)
The **Open Cybersecurity Schema Framework (OCSF)** addresses one of the most persistent challenges in security operations: inconsistent log formats across vendors. If you've spent hours writing custom parsers for every new data source in **Microsoft Sentinel**, OCSF offers a stan
William Clarkson-Antill
May 1 · 4 min read


Deploy MISP in an Azure Container Instances (ACI) and Integrate with Microsoft Sentinel
William Clarkson-Antill
Apr 5 · 6 min read


Enabling Defender for Cloud - Initial Setup and Config
William Clarkson-Antill
Apr 5 · 5 min read


Deploying Microsoft Defender for Endpoint to Your First Machine
William Clarkson-Antill
Apr 5 · 4 min read


Deploying OpenCTI on AKS using Helm
OpenCTI is an open‑source cyber threat intelligence platform designed to manage and visualise knowledge about cyber threats. This post...
William Clarkson-Antill
Sep 26, 2025 · 4 min read










