Episode 39: Top 10 KQL Queries Every Detection Engineer Should Know
Detection Engineering Dispatch - A podcast by Anvilogic - Thursdays

Categories:
In this episode, Alex sits down with Sergio Albea, an accomplished Threat Hunter, Researcher, User Behavior Analyst, and Senior Cloud Security Engineer/Architect, to share a must-have resource for detection engineers: the Top 10 KQL Queries of 2024. From detecting DLL hijacking and MFA fatigue to uncovering anonymous file access in OneDrive and SharePoint, we’ll walk through each query and the data feeds/sources required for detection and discuss their practical uses. Whether you’re new to K...