SOCAutomators | Mike Palitto | Substack

Six amazing new changes to Group Policy

Troubleshooting Group Policy has always been about one thing: visibility.

Apr 2 • Andrea Fisher

Recent posts

Log Sources Your SOC Needs for Detection, Forensics, and Hunting

Threat-Informed Defense Series | The Agentic SOC

Mar 30 • Mike Palitto

Top 10 Threats Breaching Organizations Right Now

Threat-Informed Defense Series | The Agentic SOC

Mar 27 • Mike Palitto

Threat-Informed Defense Series

The Agentic SOC

Mar 25 • Mike Palitto

Collect the data you actually want

Custom data collection in Defender for Endpoint

Feb 26 • Andrea Fisher

Vibing Step 3 - Mike what are we building anyway?

AI Autonomous SOC yep

Feb 25 • Mike Palitto

Top posts

What should I log in my data lake?

Jul 28, 2025 • Andrea Fisher and Mike Palitto

New built‑in Alert Tuning rules in Defender

Feb 6 • Andrea Fisher

NTLM Auditing Just Got a Glow-Up in Windows 11 24H2 & Server 2025

Jul 23, 2025 • Andrea Fisher

Check your custom rules in Sentinel before December 13 (Now July 1, 2026)

Nov 17, 2025 • Andrea Fisher

Turning off incident correlation for Sentinel alerts in the Defender portal

Jan 5 • Andrea Fisher

The latest from

Andrea Fisher

Six amazing new changes to Group Policy

Mike Palitto

Log Sources Your SOC Needs for Detection, Forensics, and Hunting

SOCAutomators

SOCAutomators

Helping build next generation security operations leveraging automations, risk analysis, machine learning and artificial intelligence.

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts