[New blog post] Analyzing #MicrosoftEntra 🤖 Workload Identity Activity Through 🪙 Token-Based Hunting: I’ve published a #KQL function to hunt activities by tokens from non-human identities and share some experimental queries and insights in this article.
www.cloud-architekt.net/token-huntin...
This post introduces the MicrosoftCloudWorkloadActivity KQL function and shows how to hunt token-based activity of workload identities across Microsoft cloud workloads. It covers key parameters, filte...
