The week of October 21st, I spent some time speaking at the Midwest Management Summit conference in Ft. Lauderdale, Florida. The weather was fantastic, and the sold-out event was excellent (as always).
A mix of endpoint management, security, and cloud sessions, if you’ve never attended this conference, you should give it a chance. It’s definitely worth it. The conference runs bi-annually. The next edition is at the Mall of America, in May 2025 (https://mmsmoa.com/mms2025moa).
I was already scheduled to speak, but at the last minute one of the speakers for a KQL session became unavailable, so I was asked to pull together a KQL session quickly. This conference has had KQL sessions before, so I thought I’d do something a little different and instead of a talking/demo session I’d build a mini workshop to give attendees some hands-on learning.
What resulted was a well-received, hour and a half discussion with hands-on opportunities. I made the session available to the attendees of MMS so they could review and dig into the content we ran out of time to cover. But I also want to make it available to everyone so anyone can dig through and learn KQL on their own, but also deliver this mini workshop to their own organization.
I’ve placed the entire session deck and the included KQL queries on one of my GitHub repositories.
MMS session and queries: https://aka.ms/MMSKQL
Don’t forget! There’s still the Must Learn KQL series (https://aka.ms/MustLearnKQL) and the Microsoft Press book for those that want to take their learning deeper: The Definitive Guide to KQL
[Want to discuss this further? Hit me up on Twitter or LinkedIn]
[Subscribe to the RSS feed for this blog]
[ Subscribe to the Bi-weekly Copilot for Security Newsletter]
[Subscribe to the Weekly SIEM and XDR Newsletter]
[Learn KQL with the Must Learn KQL series and book]
[Learn AI Security with the Must Learn AI Security series and book]
** Need a Tech break?? Sure, we all do! Check out my fiction novels: https://RodsFictionBooks.com