Jack PollerDec 29

Attackers see your network as a connected graph. You see disconnected alerts. That's why you're losing.

Microsoft Sentinel's AI librarian changes everything—from natural language queries to real-time attack disruption.

The SOC revolution: https://paradigmtechnica.com/2025/12/29/the-ai-librarian-how-microsoft-sentinel-transforms-chaos-into-clarity/

#cybersecurity #AI #SOC #TFDx

The AI Librarian: How Microsoft Sentinel Transforms Chaos into Clarity – Paradigm Technica

Stephen FoskettOct 14

Follow along as the #TFDx delegates report from the #NetAppINSIGHT keynote with our "reverse" live blog! We're collecting the best social media posts here!

https://techfieldday.com/2025/tech-field-day-experience-at-netapp-insight-2025-keynote-live-blog/

Tech Field Day Experience at NetApp Insight 2025 Keynote Live Blog - Tech Field Day

Learn more about NetApp Insight 2025 during the Keynote in our delegate live blog!

Tech Field Day
Stephen FoskettOct 14
We’re ready to kick off #NetAppINSIGHT keynotes! Watch for live coverage right here! #TFDx
Jack PollerOct 9

Microsoft wants to coin the term "vibe hunting" for threat hunting using Security Copilot AI agents and capabilities.

Is that good or bad?

#TFDx #TFDxMSSec25 #Microsoft #Security

Jack PollerOct 9

Security Copilot example: The graph database exposes the (potential) blast radius of an event

#TFDx #TFDxMSSec25 #Microsoft #Security

Show threadJPOct 9
There seems to be a real push to make this thing something other people connect to and build with. Which, yeah, that's what a platform should be about. I do wonder a bit about if there's enough there there though. There's a lot of "coming soon" stuff. #TFDx
Show threadJPOct 9
Sentinel is pretty expensive. The pricing I looked at was something like a minimum spend of AUD $10k a month for 50GB of data. On top of everything else you might need. #TFDx
Jack PollerOct 9

Microsoft Sentinal/Security Platform provides capabilities across the security domains, but different user personas access the capabilities via defender, entra, purview, ... portals.

No #single-pane-of-glass (yet?!?)

#TFDx #TFDxMSSec25 #Microsoft #Security

Show threadJPOct 9
It sounds like Sentinel is going to become the underlying 'platform' thing beneath everything. A single point of success. #TFDx
Show threadJPOct 9
Everything is moving into the Microsoft Defender portal, apparently. It's like a hub. Or possibly a polis. #TFDx