

New Series: How to build a SOC
I decided to begin by writing a series of blog posts, starting with "How to Build a Security Operations Centre (SOC)." It has been a...
William Clarkson-Antill
7 days ago · 1 min read
1 view


Settling Into the Unknown: Adjusting to Life in Australia
Hey all, I've been unable to write anything in a while as I've moved from little New Zealand to Australia. I haven't been able to post...
William Clarkson-Antill
Feb 6 · 1 min read
3 views


Getting Started with Microsoft Security Copilot
Introduction With the rapid advancement of AI products, Microsoft Security Copilot is changing the game in cybersecurity. Harnessing the...
William Clarkson-Antill
Jul 30, 2024 · 5 min read
86 views

Microsoft Security Exposure Management - CTEM enablement with Microsoft
Earlier this week Microsoft announced the new Exposure Management capability within Microsoft Defender. This new tool will enable...
William Clarkson-Antill
Mar 19, 2024 · 2 min read
78 views


Microsoft Sentinel - Setting up
I thought I'd write something up for anyone wanting to set up Microsoft Sentinel for the first time, but are unsure how. Below are the...
William Clarkson-Antill
Feb 4, 2024 · 1 min read
40 views


Microsoft Defender for Endpoint - Enabling Vulnerabilities Notification
Something I thought I'd share with the wider community as more than likely most people won't be aware of this, or will have a different...
William Clarkson-Antill
Nov 8, 2023 · 1 min read
242 views


Microsoft Sentinel - Creating Parsers within a Workspace
I thought I'd write some tips, tricks, and notes on how to build out an effective parser for your Sentinel Workspace. There are a heap of...
William Clarkson-Antill
Oct 18, 2023 · 2 min read
472 views


Information on Signing up for the Microsoft Private Preview Community
I thought I would share some details of how to get into the Microsoft Private Preview Community, for the sake of sharing new ideas,...
William Clarkson-Antill
Oct 9, 2023 · 3 min read
152 views


Global Administrator in Azure, why is this role so painful for Security?
I thought I'd jot down something for this as I don't believe most know how powerful global administrator really is in Microsoft Azure....
William Clarkson-Antill
Oct 4, 2023 · 1 min read
33 views


Microsoft Sentinel - Data Ingestion from Multiple Tenants within the Same Platform
I thought I'd create a guide for ingesting multiple tenants' security information from the same platform. For example, if I have multiple...
William Clarkson-Antill
Sep 24, 2023 · 3 min read
1,081 views


Microsoft Defender for Cloud - Using it to Monitor for Compliance
A lot of organizations will have some sort of compliance they will usually have to monitor for across their cloud infrastructure. In this...
William Clarkson-Antill
Sep 21, 2023 · 3 min read
68 views


Microsoft Defender for Endpoint - Deploying Defender using Azure Policy Considerations
Released not long ago was a set of new Microsoft Defender for Endpoint Policies within Azure Policy called [Preview]: Deploy Microsoft...
William Clarkson-Antill
Sep 14, 2023 · 1 min read
144 views


Microsoft Defender for Cloud - What is it exactly
What exactly is Microsoft Defender for Cloud? Well, it's your one-stop-shop for all Azure Platform and other platform-related security...
William Clarkson-Antill
Sep 14, 2023 · 1 min read
8 views


Microsoft Defender for Endpoint - I'll try and explain this one
Well, I better post something here, having used Microsoft Defender for Endpoint heavily in the past 12 months; I feel I should share...
William Clarkson-Antill
Sep 14, 2023 · 1 min read
24 views


New Microsoft Sentinel Feature - Updated MISP2Sentinel solution
What's new and where do I get it? With the new Threat Intelligence API that came out back in May 2023 a slew of new connectors is making...
William Clarkson-Antill
Sep 14, 2023 · 1 min read
18 views


New Microsoft Sentinel Feature - New and improved entity pages
Microsoft has recently launched a new richer entity environment within Microsoft Sentinel. This is part of ongoing enhancements within...
William Clarkson-Antill
Sep 13, 2023 · 1 min read
57 views


Microsoft Sentinel - Getting Started Series
Intro Hey all, I thought I'd create a new get-started series for newcomers and people wanting to know more about Microsoft Sentinel. In...
William Clarkson-Antill
Aug 31, 2023 · 5 min read
29 views


Microsoft Sentinel - Higher limits for entities in alerts and entity mappings
A feature that has been wanted for an extremely long time (in my opinion) is finally here. Something that gives alerting a step up when...
William Clarkson-Antill
Aug 28, 2023 · 1 min read
33 views