Parsing JSON Data with PowerShell: From Raw API Responses to Structured Reports
How to use PowerShell to parse and analyse JSON data from APIs and exports, transforming complex nested structures into structured reports ready for analysis.
M365 Email OSINT After the Lockdown: What Still Works in 2025
Pondering Microsoft's recent Autodiscover service changes, and the information that remains publicly accessible for M365 email security reconnaissance.
Connecting Azure to Claude Desktop via MCP
How to connect the Azure MCP server to Claude Desktop for direct access to Azure resources, enabling Claude to help with Azure development and operations.
Useful Identity Discovery KQL Queries
KQL queries to extract identity, group membership, and device information from Microsoft Sentinel when you don't have direct access to Entra ID or Intune portals.
Making Claude Code Work for You: An Introduction to Hooks
How to use Claude Code hooks to automate the tedious bits of development workflow, ensuring consistent formatting, linting, and quality checks without manual intervention.
PowerShell Scripting Best Practices: A Comprehensive Enterprise Guide
A comprehensive guide to PowerShell scripting best practices covering everything from script structure and error handling to security, testing, and cross-platform compatibility. Includes prioritised checklists, anti-patterns to avoid, and a practical example template.
Connecting Microsoft Sentinel to a LLM via Model Context Protocol (MCP)
How I built an MCP server to bridge Microsoft Sentinel with Large Language Models.
Connecting Microsoft Docs to Claude Code via MCP
How to connect the Microsoft Docs MCP server to Claude Code for real-time access to official Microsoft documentation, eliminating outdated info and guesswork.
SPF Unregistered Domain Vulnerabilities: A Critical Email Authentication Bypass
AI-generated research on how expired or unregistered domains in SPF records create severe vulnerabilities that enable email authentication bypass and sophisticated phishing attacks.
FortiAnalyzer CEF and the Case of the Missing Logs
How to fix FortiAnalyzer's non-compliant CEF messages that lack syslog PRI headers when ingesting to Microsoft Sentinel via Azure Monitor Agent, while reducing ingestion costs through intelligent filtering.