Maximizing Microsoft Sentinel ROI with VirtualMetric DataStream – Part 2
Microsoft Sentinel is an extremely powerful platform—but at scale, Windows telemetry (especially Security events) can quickly become one of the highest cost and noise drivers in the workspace. If you’re…
Microsoft Sentinel Cost Estimation and Optimization — The Definitive Guide!
Managing SIEM costs is critical to the sustainability of security operations. This article provides a deep dive into Microsoft Sentinel’s pricing model, including ingestion tiers, data lake, analytics optimization, Sentinel…
Microsoft Certified Trainer (MCT) 2026
I am very happy and grateful to share that I’ve successfully renewed my Microsoft Certified Trainer (MCT) status for another year, marking my sixth consecutive year in this incredible global…
Accelerate Microsoft Sentinel data lake deployment
Microsoft Sentinel has evolved from a cloud-native SIEM into a modern security data lake platform that enables organizations to ingest, retain, and analyze massive volumes of log data without compromising…
Secure Log Transfer Between Microsoft Sentinel Workspaces: A Serverless Approach
Enterprise Microsoft Sentinel deployments often require selective log replication between workspaces—from Production to Non-Production for testing, from regional instances to centralized Security Operations Centers (SOCs), or for compliance and audit…
Maximizing Microsoft Sentinel ROI with VirtualMetric DataStream – Part 1
Microsoft Sentinel has become a leading cloud SIEM/XDR/SOAR platform, but organizations often struggle to get full value from it. High-volume security telemetry can drive up ingestion and storage costs, while…
Configure Diagnostic Settings for Storage Accounts to Sentinel at Scale
This article will demonstrate how to enable and configure Diagnostic logging from all storage services within the Azure Storage Account – Blob, Queue, Table, and File into your Microsoft Sentinel…
Meet the Refreshed Azure Storage Essential Training Course (2025)
Azure Storage has evolved rapidly, and I’m excited to announce that my Azure Storage Essential Training course on LinkedIn Learning has been fully updated (released October 2025). This 3h56m intermediate-level…
Master Codeless Connector Framework Development for Microsoft Sentinel
Updated – 16/02/2026 – Microsoft announced Microsoft Sentinel’s CCF Push Feature. The push feature enables real-time, high-volume delivery of security data directly into Sentinel with no complex setup. Built on…
Ingest Custom Logs to Microsoft Sentinel: A Step-by-Step Guide
Modern SIEM and platform solutions like Microsoft Sentinel can ingest logs from virtually any source, including custom text and JSON logs from network appliances and applications, and land them in…
Effective Tips To Manage Microsoft Defender XDR Tables
Updated – 12/02/2026 – For supported Microsoft Defender XDR tables (MDE/MDO/MDA), you can now stream directly to the Microsoft Sentinel data lake while keeping XDR retention at 30 days (included in license)….
Solution – Fix Microsoft Sentinel Missing Incident Description
In early July 2025, Microsoft announced that Microsoft Sentinel in the Azure Portal will be deprecated as of July 1, 2026. From that date forward, all access requests to the…