Blog
Practical security content for SOC analysts and security engineers working in Microsoft 365 environments.
5 KQL Queries Every SOC Analyst Should Have Bookmarked
Five production-ready KQL queries for Microsoft Sentinel and Defender XDR that you can deploy today. Each one finds something your current detection rules probably miss.
Read article →
Anatomy of a Five-Wave AiTM Phishing Campaign
What a sustained adversary-in-the-middle credential phishing campaign looks like from inside the SOC. The attacker adapted after every containment action. Here's how we tracked them.
Read article →
Why We Built a Text-Based Security Operations Training Platform
Video courses optimise for watch time. We optimise for deploying detection rules to your Sentinel workspace. Here's why Ridgeline exists and what makes it different.
Read article →