In the session titled "Advanced Threat Detection: Unmasking Real Threats with KQL Queries," participants will explore the art of detecting sophisticated cyber threats that often evade traditional security measures. By leveraging the power of Kusto Query Language (KQL) within Microsoft Defender and Sentinel, the session will guide attendees through advanced techniques for navigating and analyzing security logs. The focus will be on identifying real-positive threats, distinguishing them from false positives, and enhancing the accuracy and efficiency of threat detection processes. This session is ideal for cybersecurity professionals seeking to deepen their expertise in proactive threat hunting and security incident response.

Microsoft Defender suite / Microsoft Sentinel / KQL Language