𝗨𝗻𝗹𝗼𝗰𝗸𝗶𝗻𝗴 𝘁𝗵𝗲 𝗣𝗼𝘄𝗲𝗿 𝗼𝗳 𝗖𝘆𝗯𝗲𝗿 𝗧𝗵𝗿𝗲𝗮𝘁 𝗜𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲 𝘄𝗶𝘁𝗵 𝗔𝘇𝘂𝗿𝗲 𝗢𝗽𝗲𝗻𝗔𝗜 𝗮𝗻𝗱 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗗𝗲𝗳𝗲𝗻𝗱𝗲𝗿 𝗧𝗵𝗿𝗲𝗮𝘁 𝗜𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲

I'm excited to share my recent side project! 💻✨

I've been exploring the incredible potential of a simple web app for engaging in conversations with threat intelligence data. In my case, I harnessed the power of Microsoft Defender Threat Intelligence.

All the details are in the following blog post:

https://medium.com/@antonio.formato/chat-with-your-cyber-threat-intelligence-data-with-azure-openai-9a0ea9c829ba

I'd love to hear your thoughts and feedback.

This project has been an eye-opener for me, demonstrating how Generative AI can be a game-changer in the realm of cybersecurity. I hope it serves as a valuable starting point for other innovative applications in the cybersecurity space.

Let's connect and discuss how technology can empower us in the ever-evolving world of cybersecurity. 🌐🛡️

#azure #azureopenai #llm #chatbot #threatintelligence #ti #microsoft #microsoftdefenderthreatintelligence #mdti #cyber #cybersecurity #soc #threatactors #threatanalysis #ttp #ioc #securityanalyst #microsoftsecurity #largelanguagemodel #gpt4 #azurelogicapps #logicapps #cognitiveservices #dev #chat

Today, I refreshed my understanding of 𝗠𝗶𝗰𝗿𝗼𝘀𝗼𝗳𝘁 𝗗𝗲𝗳𝗲𝗻𝗱𝗲𝗿 𝗧𝗵𝗿𝗲𝗮𝘁 𝗜𝗻𝘁𝗲𝗹𝗹𝗶𝗴𝗲𝗻𝗰𝗲 and completed the knowledge check.

I highly recommend everyone to explore the Microsoft Defender Threat Intelligence Ninja Training – it's incredibly useful and informative!

https://techcommunity.microsoft.com/t5/microsoft-defender-threat/become-a-microsoft-defender-threat-intelligence-ninja-the/ba-p/3656965

#microsoft #MicrosoftDefenderThreatIntelligence #threatintelligence #mdti #azure #soc #cybersecurity #learning #learningtime

Microsoft Defender Threat Intelligence (Defender TI) is now available to licensed customers within the Microsoft 365 Defender (M365 Defender) portal, placing its powerful threat intelligence side-by-side with the advanced XDR functionality of M365 Defender.

Use Cases

➡ Advanced hunting with Defender TI IOCs against the logs and Events within Microsoft 365 Defender

➡Upload IOC to a storage account\public GitHub

➡Using KQL Externaldata operator as correlation source and proactive hunting and enabling custom detection on M365 Defender

➡M365 Defender Raw Event Detection

➡M365D Raw events flow into Sentinel with the M365 Defender Data connector

➡MDTI Feeds flow into Sentinel with MDTI Data connector

➡Manual TI correlation rule

https://techcommunity.microsoft.com/t5/microsoft-defender-threat/what-s-new-mdti-interoperability-with-microsoft-365-defender/ba-p/3799846

#DefenderTI #TI #threatintelligence #MicrosoftDefenderThreatIntelligence #xdr #soc #securityplatform #securityanalytst #m365defender #microsoft365defender #microsoft #azure #intelligence #ioc #threathunting #ttp