sentinel.blog

Migration Madness

TobyG

15 Jun 2025 • 2 min read

This post is for subscribers only


ConsentFix: Securing Your Tenant Against OAuth Authorisation Code Theft

There's a new OAuth attack making the rounds that's caught the attention of security professionals. ConsentFix (sometimes called AuthCodeFix) exploits a design quirk in how Microsoft first-party applications handle OAuth flows, and it's very effective. There is a straightforward mitigation that takes about five
12 Jan 2026 12 min read

Becoming the Puppet Master of an AI SOC team

I released a Model Context Protocol server called KQL Search MCP last week. The idea was to stop manually searching through GitHub repositories every time I needed a KQL query. It searches thousands of queries from all GitHub repos, validates them against table schemas, and can even generate new queries from
18 Dec 2025 5 min read

Finding and Writing KQL Queries with the Model Context Protocol

If you work with Microsoft security products, you've probably spent time writing KQL queries. You might search through documentation, look at examples on GitHub, or copy queries from colleagues. KQL-Search-MCP Server makes this easier by bringing query search and generation directly into AI assistants like Claude Desktop, GitHub
12 Dec 2025 9 min read