detection 4
- Defender for Identity - 40+ New or Expanded Built-In Alerts You Might Have Missed
- Retrieve Azure VM Run Commands through Defender AH tables (PoC)
- VNet Flow Logs - Detection of Malicious Outbound Connections with DNS Mapping
- Detect suspicious DNS requests using Azure DNS Security Policy and Sentinel Summary Rules