Threat Hunting with Microsoft Defender XDR (including Defender for Endpoint): Investigating Tor Browser Activity

Threat Hunting with Microsoft Defender XDR (including Defender for Endpoint): Investigating Tor Browser Activity

Investigating Tor Browser installation and network activity using Microsoft Defender XDR and KQL during a proactive threat hunting exercise

Featured Posts

Building a Governance-Driven Vulnerability Management Program from Scratch

Building a Governance-Driven Vulnerability Management Program from Scratch

MITRE ATT&CK vs The Cyber Kill Chain: Understanding Two Core Threat Models

cybersecurity

MITRE ATT&CK vs The Cyber Kill Chain: Understanding Two Core Threat Models

February 26, 2026

Building an Incident Escalation Playbook – From Alerts to Action

cybersecurity

Building an Incident Escalation Playbook – From Alerts to Action

February 05, 2026

Recent Posts

Useful Websites & Resources for Cybersecurity News

cybersecurity

Useful Websites & Resources for Cybersecurity News

January 22, 2026

SIEM Log Analysis: Detecting Cleartext Traffic and HTTP-Based Data Exfiltration

cybersecurity

SIEM Log Analysis: Detecting Cleartext Traffic and HTTP-Based Data Exfiltration

January 08, 2026

Building an ISO 27001 Risk Register: A Practical Exercise in Seeing Risk Clearly

cybersecurity

Building an ISO 27001 Risk Register: A Practical Exercise in Seeing Risk Clearly

December 15, 2025

四季 Shiki: Seasons, Stillness, and Balance

Photography

四季 Shiki: Seasons, Stillness, and Balance

November 03, 2025

Lessons from MIT: Cybersecurity for Managers – A Playbook

cybersecurity

Lessons from MIT: Cybersecurity for Managers – A Playbook

October 31, 2025

Security+ vs ISC2 Certified in Cybersecurity (CC): What I Learned from Taking Both

cybersecurity

Security+ vs ISC2 Certified in Cybersecurity (CC): What I Learned from Taking Both

October 19, 2025