DevSecOpsDad

KQL Toolbox is officially live! As part of this new KQL Toolbox series, I bring you practical, reusable KQL snippets straight from the trenches of real-world Microsoft Sentinel work. Think of it as your regular “KQL vitamin:” small dose, big impact. And today we’re kicking things off with the one... [Read More]

Introduction & Use Case: Identifying Internet-Facing Devices Matter to Every Framework You Care About. Before we even dive into tooling, let’s anchor the importance of this work in the actual security and compliance frameworks that govern nearly every mature organization. Pretty much every major framework assumes you know which assets... [Read More]

Introduction & Use Case: Welcome back to the 🧰 PowerShell Toolbox series on DevSecOpsDad.com; If you’ve followed this PowerShell Toolbox series so far, you’ve mapped your Azure network (Part 1), audited privileged RBAC roles (Part 2), and exported every Group Policy Object into a single offline HTML snapshot (Part 3).... [Read More]

Introduction & Use Case: Welcome back to the 🧰 PowerShell Toolbox series on DevSecOpsDad.com — your four-part, no-nonsense tour through the scripts I rely on for audits, baselines, IR, and cloud security hygiene. You’ve already mapped your Azure network (Part 1) and audited privileged RBAC roles (Part 2). Now, in... [Read More]

Introduction & Use Case: Welcome back to the 🧰 PowerShell Toolbox series — your four-part deep-dive into must-have scripts for cloud engineers, security architects, auditors, and anyone who’s ever stared at an Azure tenant and thought: “Who really has access to what?” If you’ve ever asked, “Who has elevated permissions... [Read More]