Azure Sentinel - RDP Mapping

Introduction

An attacker will try to brute-force their way into my virtual machine. I will get their information, such as geographical data and IP address. Then, I will send this information to Azure. Through a Sentinel Workbook, a worldwide map widget will be created to showcase these attackers’ attempts. Essentially, my virtual machine will act as a honeypot and I’m able to monitor the login attempts.

Configuration

Virtual Machine

First, I created a VM with a Windows 10 image....

April 15, 2023 · 3 min · Alfonso Pajader