Mehmet Ergene

616 Followers
102 Following
87 Posts
Threat Hunting & Research, Detection Engineering
Microsoft MVP #ThreatHunting #DFIR #DataScience #KQL
All is one.
Opinions are my own
Blog: https://posts.bluraven.io
GitHub: https://github.com/Cyb3r-Monk
Twitter: https://twitter.com/Cyb3rMonk

I've released my new course:
Practical Threat Hunting for Beginners

Learn the core knowledge and practical skills required to perform effective threat hunting in real-world environments.

https://academy.bluraven.io/course/practical-threat-hunting-for-beginners

#ThreatHunting #detectionengineering

This blog is a little bitter, but it's what it is🫠

Detecting Vulnerable Drivers (a.k.a. LOLDrivers) the Right Way

https://academy.bluraven.io/blog/detecting-vulnerable-drivers-using-defender-for-endpoint-kql

#ThreatHunting #DetectionEngineering

Detecting Vulnerable Drivers (a.k.a. LOLDrivers) the Right Way

Detect vulnerable Windows drivers in MDE the right way using KQL and LOLDrivers.io. Avoid common query mistakes and boost detection accuracy.

Mehmet Ergene

🚨 Test your Lateral Movement investigation skills!

I have just added a new challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course!

You can even test your AI agents' skills 😉

#KQL #Kusto #MicrosoftSentinel #MicrosoftDefender

https://academy.bluraven.io/course/introduction-to-kql-for-security-analysis

Introduction to KQL for Security Analysis

Learn the basics of KQL to start your journey into security investigations, threat hunting, and detection engineering with hands-on experience in a hyper-realistic lab environment! Certificate of Completion is included!

Blu Raven Academy

🐣 HAPPY EASTER CAPSTONE! 🛡️

My KQL courses now include a complete attack scenario to test your skills — end to end.

🎯 Hands-on labs
📉 20% OFF for a limited time!
Crack it open 👇

#KQL #Kusto #ThreatHunting #DetectionEngineering #DFIR

https://academy.bluraven.io

Home - Blu Raven Academy

Master KQL for threat hunting, detection engineering, and incident response in a hyper-realistic lab environment using real logs!

Blu Raven Academy

🎁 NEW UPDATE:

I've added a small challenge to my FREE "Hands-On Introduction to KQL for Security Analysis" course.

More will be coming soon!

#KQL #Kusto #MicrosoftDefender #MicrosoftSentinel
👇
https://academy.bluraven.io/course/introduction-to-kql-for-security-analysis


🚨 FREE unlimited lab access to "Introduction to KQL for Security Analysis" course!

Thrilled to announce that my Intro to KQL for Security Analysis lab environment is now completely free with no time restrictions!

https://academy.bluraven.io/course/introduction-to-kql-for-security-analysis

#KQL #Kusto #ThreatHunting #Infosec


🥲 Seems like you don't even have to use residential proxies for device code phishing for evasion. Just get a machine in one of the cloud providers' corresponding regions. 🤷‍♂️

I used plaintext roadtx and then used roadrecon to dump Entra ID data. I even caused sign-in failures. There isn't any CAP in this tenant. Could that be the reason? AFAIK, it doesn't affect risk identification.

💙 Fall in Love with Threat Hunting, Incident Response, and Detection Engineering using #KQL 💙
Code: VLTN30
Valid until 17.02

https://academy.bluraven.io/

#ThreatHunting

Mastering Log Ingestion Delay in Detection Engineering

Mastering log ingestion delay in detection engineering to avoid false positives and false negatives, and to improve accuracy.

Mehmet Ergene

[NEW BLOG]
EDR Silencer and Beyond: Exploring Methods to Block EDR Communication - Part 2

https://academy.bluraven.io/blog/edr-silencer-and-beyond-exploring-methods-to-block-edr-communication-part-2

In collaboration with
@fabian_bader

#redteam

EDR Silencer and Beyond: Exploring Methods to Block EDR Communication - Part 2

Alternative methods for EDR Silencers for blocking EDR communication to disable defenses.

Mehmet Ergene