In **Part 1**, we covered what **OCSF** is and why it solves critical problems for **Microsoft Sentinel** deployments. This post walks through the technical implementation: creating custom tables for OCSF event classes, configuring **Data Collection Rules (DCR)** to transform log

The **Open Cybersecurity Schema Framework (OCSF)** addresses one of the most persistent challenges in security operations: inconsistent log formats across vendors. If you've spent hours writing custom parsers for every new data source in **Microsoft Sentinel**, OCSF offers a stan

Deploy MISP in an Azure Container Instances (ACI) and Integrate with Microsoft Sentinel

Enabling Defender for Cloud - Initial Setup and Config

Deploying Microsoft Defender for Endpoint to Your First Machine

OpenCTI is an open‑source cyber threat intelligence platform designed to manage and visualise knowledge about cyber threats. This post...