- Technology
- SEE MORE
- classical
- general
- talk
- News
- Family
- Bürgerfunk
- pop
- Islam
- soul
- jazz
- Comedy
- humor
- wissenschaft
- opera
- baroque
- gesellschaft
- theater
- Local
- alternative
- electro
- rock
- rap
- lifestyle
- Music
- como
- RNE
- ballads
- greek
- Buddhism
- deportes
- christian
- piano
- djs
- Dance
- dutch
- flamenco
- social
- hope
- christian rock
- academia
- afrique
- Business
- musique
- ελληνική-μουσική
- religion
- World radio
- Zarzuela
- travel
- World
- NFL
- media
- Art
- public
- Sports
- Gospel
- st.
- baptist
- Leisure
- Kids & Family
- musical
- club
- Culture
- Health & Fitness
- True Crime
- Fiction
- children
- Society & Culture
- TV & Film
- gold
- kunst
- música
- gay
- Natural
- a
- francais
- bach
- economics
- kultur
- evangelical
- tech
- Opinion
- Government
- gaming
- College
- technik
- History
- Jesus
- Health
- movies
- radio
- services
- Church
- podcast
- Education
- international
- Transportation
- Other
- kids
- podcasts
- philadelphia
- Noticias
- love
- sport
- Salud
- film
- and
- 4chan
- Disco
- Stories
- fashion
- Arts
- interviews
- hardstyle
- entertainment
- humour
- medieval
- literature
- alma
- Cultura
- video
- TV
- Science
- en
The Inside Scoop on Using KQL for Cloud Data Security
In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by the authors of the new book The Definitive Guide to KQL: Using Kusto Query Language for Operations, Defending, and Threat Hunting. Guests Rod Trent, Matt Zorich, and Mark Morowczynski discuss the significance of KQL (Kusto Query Language) in cloud data security and how it enables efficient data querying for threat detection in Microsoft products like Sentinel and Defender. They share insights from their own experiences, highlight key features of the book, and explain how both beginners and experts can benefit from KQL. Later in the episode Sherrod speaks with Senior Threat Hunter Lekshmi Vijayan about the growing trend of cyberattacks using malicious PowerShell commands. Lekshmi explains how attackers trick users into copying and pasting harmful code, often through compromised websites or phishing emails. They discuss how these attacks aim to install remote access tools like NetSupport RAT or information stealers, targeting sensitive data like browser credentials and crypto keys.\xa0\n\xa0\n\nIn this episode you\u2019ll learn:\xa0\xa0\xa0\xa0\xa0\xa0\n\nHow KQL is applied in real-world security scenarios including incident response\xa0\n\nKey features and benefits of KQL when it comes to security and cloud data\xa0\n\nDistinguishing between legitimate and malicious uses of remote management tools\xa0\xa0\n\n\xa0\xa0\n\nSome questions we ask:\xa0\xa0\xa0\xa0\xa0\xa0\xa0\n\nHow does KQL tie into the Microsoft ecosystem, like Defender and Copilot?\xa0\n\nWhat advice would you give to someone new to KQL who wants to start learning?\xa0\n\nWhat is the technique we're seeing with copy-pasting malicious PowerShell?\xa0\xa0\n\n\xa0\n\nResources:\xa0\xa0\nView Mark Morowczynski on LinkedIn\xa0\nView Matt Zorich on LinkedIn\xa0\nView Rod Trent on LinkedIn\xa0\nView Lekshmi Vijayan on LinkedIn\xa0\xa0\nView Sherrod DeGrippo on LinkedIn\xa0\xa0\n\xa0\n\nRelated Microsoft Podcasts:\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\xa0\n\n\nAfternoon Cyber Tea with Ann Johnson\xa0\n\n\nThe BlueHat Podcast\xa0\n\n\nUncovering Hidden Risks\xa0\xa0\xa0\xa0\xa0\n\n\xa0\nDiscover and follow other Microsoft podcasts at microsoft.com/podcasts\xa0\xa0\n\xa0\nGet the latest threat intelligence insights and guidance at Microsoft Security Insider\xa0\n\xa0\n\xa0\nThe Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.