Detection Dispatch Episode 39: Top 10 KQL Queries Every Detection Engineer Should Know

In this episode, Alex sits down with Sergio Albea, an accomplished Threat Hunter, Researcher, User Behavior Analyst, and Senior Cloud Security Engineer/Architect, to share a must-have resource for detection engineers: the Top 10 KQL Queries of 2024. From detecting DLL hijacking and MFA fatigue to uncovering anonymous file access in OneDrive and SharePoint, we’ll walk through each query and the data feeds/sources required for detection and discuss their practical uses. Whether you’re new to KQL or an experienced user, these queries are designed to elevate your detection capabilities. Follow Sergio & His Work: Linkedin: https://www.linkedin.com/in/sergioalbea/ His Website: https://sergioalbea.com/ UBA Initiative: https://sckipt.com/ Join our live community bi-weekly on Thursdays! You only have to register once: https://www.anvilogic.com/workshop Stay in the loop! Connect with us on social: Website: https://www.anvilogic.com/ LinkedIn: https://www.linkedin.com/company/anvilogic YouTube: https://www.youtube.com/@Anvilogic