WPNinjas

Author: Thomas Kurth

Microsoft Sentinel
Thomas Kurth

Microsoft Sentinel ASIM Parser demystified

In the realm of cybersecurity, the ability to efficiently parse and analyze vast amounts of data is crucial. Microsoft Sentinel offers a powerful solution for this purpose. One of its key features is the ASIM (Advanced Security Information Model) parser, which plays a significant role in data normalization and enrichment.

Microsoft Sentinel
Thomas Kurth

Enhancing Network Security Insights with IDS/IPS of Ubiquiti Dream Machine Pro and Microsoft Sentinel

In my previous post, I explored the basics of integrating Ubiquiti Dream Machine Pro logs with Microsoft Sentinel, setting the stage for advanced network monitoring and security analysis. Today, we’re taking a significant leap forward by incorporating the threat detection capabilities of the device, which is using Suricata, an open-source

Microsoft Sentinel
Thomas Kurth

Ubiquiti Dream Machine Pro Logs to Microsoft Sentinel

Many IT geeks may have a Ubiquiti Dream Machine Pro at home to manage and protect their network. It’s a perfect device for building test networks and has some cool options, such as an Azure site-to-site VPN tunnel. But can I also leverage the logs in Microsoft Sentinel?

Powershell
Thomas Kurth

Unveiling a new version of M365Documentation PowerShell Module: Creating Markdown Documentation with Ease

The Microsoft 365 community has a reason to rejoice as a new release of the M365Documentation PowerShell module was published on PowerShellGallery.com. With the latest update, users can now create comprehensive documentation in Markdown format, complete with an intuitive table of contents. This feature has been highly anticipated and requested by

Microsoft Purview
Thomas Kurth

Microsoft Purview Information Protection predefined permission groups demystified

When working with Information Protection Sensitivity Labels, it’s common to create labels which also enforce encryption. Today we have multiple predefined groups available, but which users do they really include? Because of this, I have played through the different scenarios and provide an overview within this blog. Test environment Tenant

Security
Thomas Kurth

Extending Microsoft Sentinel with important device data

During security Incident Analysis, Threat and Vulnerability Management and security activities, it’s important to have enough data available to correlate them. Microsoft Intune in particular contains a lot of valuable information, but other resources which are available via Microsoft Graph can also be helpful. It is simple to add this information

General
Thomas Kurth

Improving Consultants' life with a SlideLibrary

In my job I have to hold a lot of presentations, and maintaining all the slides and keeping them up to date is a hassle. I searched for a solution to improve this, as our team at baseVISION grows every year, which does not have a positive impact on the above topic. During

Security
Thomas Kurth

It’s all about the signature! Why S/MIME is important

Before starting the technical part, which contains a unique and full solution to deploy S/MIME certificates with MEM Intune to clients, I will highlight why it is important to implement S/MIME within your environment. I started the work on this topic as we had the internal discussion at baseVISION if
