Harri S @CodeByHarri
Threat Hunter | Threat Detection and Response github.com/CodeByHarri Joined January 2021
Tweets: 90 · Followers: 39 · Following: 383 · Likes: 616
Microsoft announced the public preview of the OAuthAppInfo table in the Advanced Hunting schema. I created multiple #KQL queries to help you kick-start the usage of this table.🚀 The queries help you to identify high-permissive, unused and external apps. github.com/Bert-JanP/Hunt…
@ITguySoCal This is my go-to for successful auth, it may be out of date so I should update it actually:
let successCodes = dynamic([0, 50140, 50055, 50057, 50155, 50105, 50133, 50005, 50076, 50079, 50173, 50158, 50072, 50074, 53003, 53000, 53001, 50129]);
The feature is Live!
EmailEvents
| where isnotempty(ThreatClassification)
| summarize dcount(NetworkMessageId) by ThreatClassification
If it did not land in your tenant it will be rolled out soon.
A new tradition has been born, the yearly KQL Community Sources list for 2025 has been published! Happy hunting this year! 🏹 kqlquery.com/posts/kql-sour…
Introducing SOC Optimization Recommendations Based on Similar Organizations techcommunity.microsoft.com/blog/microsoft… #MicrosoftSentinel #Cybersecurity #MicrosoftSecurity #Security #DefenderXDR
🐧 It’s finally here! 🔍 The Linux EDR Telemetry Project results are live! After months of testing and collaboration, we’re excited to share how well EDR solutions handle Linux visibility. Thank you to everyone who contributed, shared feedback, and supported the project! Your…
Hunt for suspicious scheduled task creation and execution in MDE. DeviceProcessEvents | where ProcessCommandLine contains "schtasks.exe" and ProcessCommandLine contains "/create" | join kind=inner ( DeviceFileEvents | where FileName endswith ".exe" or FileName endswith…
For all #KQL fans, I had this list of community repos lying around, the list now consists of 33 repos for you to investigate. Happy hunting! 🏹 Feel free to send a PR if you miss repos! :) github.com/Bert-JanP/Hunt…
🚨EDR Telemetry website is live! 🥳 I hope this makes it even easier for folks to compare the telemetry of EDR vendors and visualize their visibility gaps 🙂 ‣ Website🔗edr-telemetry.com ‣ GitHub 🔗github.com/tsale/edr-tele… **Telemetry results reflect the most recent…
The beginning of the #DFIR folder in the DE-TH Github repo! 6 groups of #KQL queries (13 queries) that can be used in #MicrosoftSentinel to investigate #BEC related incidents! This release is for @BertJanCyber and @reprise_99 for answering my questions! github.com/SecurityAura/D…
The @msftsecurity Digital Defense Report 2024 has been released! microsoft.com/en-us/security…
Simplify your SIEM migration. Migrate Splunk detections to Microsoft Sentinel analytics rules, including mapping Splunk data sources and lookups—all in minutes. Get started. #SentinelUpdates youtu.be/90VqWpkC19I
NEW: Microsoft is rolling out IP addresses feature in the Tenant Allow/Blocklist! 𝐒𝐮𝐦𝐦𝐚𝐫𝐲: Microsoft Defender for Office 365 will soon support IPv6 allow and block entries for customers with specific service plans. The rollout will begin in early October 2024 and…
Do you want to mitigate Active Directory attacks? The @NSAGov and @ASDGovAu recommend you use: BloodHound (@SpecterOps) PingCastle (@mysmartlogon/@Netwrix) PurpleKnight (@SemperisTech) nsa.gov/Press-Room/Pre…
When we respond to large scale compromise, we regularly see the same kinds of configuration issues across Entra ID. If you want some insight to what we see in real world compromises, I put together an overview here - microsoft.com/en-us/security…
🔐 Azure Role Assignments KQL 🚨 Detect Role Assignments Granted to Azure Service Principal 🛡️ 🔗 github.com/CodeByHarri/In… #AzureSecurity #CloudSecurity #KQL
📊 Tuning Analytics KQL 🚨 Optimize and Tune Analytics for More Effective Threat Detection 🔍 🔗 github.com/CodeByHarri/In… #CyberSecurity #ThreatHunting #KQL
🔄 Similar Incidents KQL 🚨 Identify and Investigate Similar Incidents to Enhance Response Tactics 🛡️ 🔗 github.com/CodeByHarri/In… #CyberSecurity #IncidentResponse #KQL
🚫 Failed SignIns Summary KQL 🚨 Summarize and Investigate Failed SignIn Attempts Across Users 🔍 🔗 github.com/CodeByHarri/In… #CyberSecurity #ThreatHunting #KQL
🔐 Password Activity Monitoring KQL 🚨 Detect and Analyze Password Activity to Prevent Breaches 🛡️ 🔗 github.com/CodeByHarri/In… #CyberSecurity #ThreatHunting #KQL
