Raffaellooo

What a fun lab this was! I learned a lot about and used a different part of Azure I had never worked with before, Azure Sentinel. I left a vulnerable VM open and logged the IP addresses and countries that were attempting to brute force their way in with a PowerShell script, then had Sentinel map it out for a visual understanding.
What I found most interesting was training our log workspace to pick up the keywords we were looking for. It really showcased the AI power of Azure/Sentinel.
I left mine open for a total of about 8 hours and got to experience what real-world cyber attacks look like.

You can follow along here: https://www.youtube.com/watch?v=RoZeVbbZ0o0


Desktop Support Engineer pivoting into Cloud Engineering.