For query assistance, please see the following Best Practices guide
With the data lake we can do some interesting IOC hunts that perform counts across all devices for similar IOCs and, with some use of…
For anyone who's joined the XDR & EDR Data Lake Early Access Program, we've been providing instructions on the different steps to join and enroll devices, but I thought it would be useful to have one full…
(NEW) Video on Schemas for EDR and Data Lake (15 Min)
https://vimeo.com/515493008
With the addition of the data lake a significant amount…
In this 7-minute video we show the features that were enabled on Feb 22nd for the Early Access Program for the XDR Data Lake.
Welcome to the EAP, and stay tuned: more features are coming in March and April as…
One of the most frequently used queries by our threat hunting team is a flexible generic search query against the data lake.
Often you…
Below is a query that will list all installed applications, the publisher, application name, and version number. It performs some nice…