cd
Toggle Menu
whoami
detection
blog
tags
Detections tagged with
AuditLogs
Jan 24, 2025
AzureAD - CAP: Conditional Access Policy Deleted
#KQL
#Sentinel
#AzureAD
#CAP
#AuditLogs
#T1556.009
Jan 25, 2025
Azure AD - App/OAuth: Admin Consented to Risky API Permissions on Behalf of the Organization
#KQL
#Sentinel
#AzureAD
#OAuth
#AuditLogs
#T1199
Jan 27, 2025
Azure AD - CAP: New Trusted Location Created
#KQL
#Sentinel
#AzureAD
#CAP
#AuditLogs
#T1556.009
Jan 28, 2025
Azure AD - CAP: Named Location Modified
#KQL
#Sentinel
#AzureAD
#CAP
#AuditLogs
#T1556.009
Jan 29, 2025
Azure AD - CAP: Trusted Location Modified
#KQL
#Sentinel
#AzureAD
#CAP
#AuditLogs
#T1556.009