Fabian Bader
Please include a check for any Service Accounts with a Constrained Delegation to the KRBTGT service.
Property: msDS-AllowedToDelegateTo
Value: krbtgt/DOMAIN
Reference: https://skyblue.team/posts/delegate-krbtgt/

### Context
Updated naming and links for new Defender based naming schema of Microsoft
### Description
No issue fixed. Defender for Cloud instead of Security Center
Also updated the icon...

**What problem does this feature solve?**
Adds highlighting support for Azure Log Analytics (Kusto/kql)
**What feature do you propose?**
Implementation of currently available code highlighting solutions for `.kql`, `.kusto`, and...

As per documentation the "Filtering Platform Packet Drop" subcategory should be enabled for failed audit events as well https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/host-firewall-reporting?view=o365-worldwide#what-do-you-need-to-know-before-you-begin
Enhance emergency access logic
* Specify the emergency access account upn or group (by id/by upn/by group name)
* Exclude a certain policy (by name/by id)

Create a JSON that allows for environmental configurations
Create functions that will query the JSON and return the objects

Integrate Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA)
```powershell
Invoke-ORCA -Output JSON
```
https://github.com/cammurray/orca
Add mocking example for Invoke-Graph to test the test
Currently the new guest types e.g. `Service provider users` are not shown at all and named locations are only shown as a partial UID   
### Summary of the new feature / enhancement
Based on the published table https://github.com/Azure/Azure-Sentinel/wiki/Query-Style-Guide#datatypes the cmdlet `Convert-SentinelARArmToYaml` should identify the used tables or functions and add the dataType and connectorId...