aaron597.com
Blog Posts
- Details
- Written by: Aaron DeJong
- Category: Blog Posts
- Hits: 21
Introduction
DHCP, the Dynamic Host Configuration Protocol, is vital to an enterprise or small business. Securing this protocol on your LAN is one of the things that helps your company take a defense-in-depth approach to security. DHCP is secured by configuring DHCP Snooping and Dynamic ARP Inspection (DAI).
The DHCP process that a client goes through to obtain a dynamic IP address is called the DORA process. DORA is an acronym that stands for Discover, Offer, Request and Acknowledgement.
This process starts with the client making a discovery ARP request for the DHCP server; the server then sends an Offer message offering the client the IP address it has chosen for that client. The client then sends a Request for that IP address, and the Acknowledgement from the server completes the DORA process.
APIPA
The Automatic Private IP Addressing range is 169.254.x.x and is used when the DHCP process fails for that client. In this range the client automatically assigns itself a dynamic IP address, using itself as the DHCP server, as a fallback to having no IP address at all.
Securing DHCP
DHCP can also be secured using the IP Helper Address and DHCP trusted links. These work in conjunction with DAI and DHCP Snooping in order to provide the defense in depth needed for DHCP. For DHCP Snooping on Cisco devices, there is a way to create a binding database for trusted and untrusted ports connected to a DHCP server.
In addition to DHCP Snooping there is Dynamic ARP Inspection, which validates ARP packets against the trusted binding database. This prevents ARP spoofing and untrusted ARP traffic from being used maliciously in DHCP-related attacks. Dynamic ARP Inspection is typically used together with DHCP Snooping, which creates the binding database.
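An added example (not from the original post, and not Cisco's implementation) that models the two mechanisms described above in Python: DHCP Snooping drops server messages that arrive on untrusted ports and learns a binding from the ACK of a DORA exchange, and DAI then checks each ARP packet on an untrusted port against that binding. Port names, the VLAN, and the MAC and IP addresses are constructed for illustration.

```python
from dataclasses import dataclass, field

SERVER_MSGS = {"OFFER", "ACK"}  # only a DHCP server sends these


@dataclass
class Switch:
    """One access switch: trusted ports, snooping bindings, drop log."""
    trusted: set = field(default_factory=set)
    bindings: dict = field(default_factory=dict)  # (vlan, mac) -> (ip, port)
    log: list = field(default_factory=list)

    def dhcp(self, port, vlan, msg, client_mac, ip=None, client_port=None):
        """DHCP snooping: True if the message is forwarded, False if dropped."""
        if msg in SERVER_MSGS and port not in self.trusted:
            self.log.append(f"drop {msg} on untrusted {port}: unauthorized server")
            return False
        if msg == "ACK":  # lease confirmed: record the client binding
            self.bindings[(vlan, client_mac)] = (ip, client_port)
        return True

    def arp(self, port, vlan, sender_mac, sender_ip):
        """DAI: True if the ARP packet is permitted, False if dropped."""
        if port in self.trusted:
            return True  # trusted ports (uplinks) are not inspected
        if self.bindings.get((vlan, sender_mac)) != (sender_ip, port):
            self.log.append(f"DAI drop on {port}: {sender_mac} claims {sender_ip}")
            return False
        return True


def demo():
    """Walk one DORA exchange, then feed the switch good and bad traffic."""
    sw = Switch(trusted={"Gi1/0/1"})  # Gi1/0/1: uplink toward the DHCP server
    mac, ip = "aa:aa:aa:aa:aa:01", "10.1.10.20"  # constructed client on Gi1/0/5
    sw.dhcp("Gi1/0/5", 10, "DISCOVER", mac)
    sw.dhcp("Gi1/0/1", 10, "OFFER", mac, ip, "Gi1/0/5")
    sw.dhcp("Gi1/0/5", 10, "REQUEST", mac)
    sw.dhcp("Gi1/0/1", 10, "ACK", mac, ip, "Gi1/0/5")  # binding learned here
    return {
        # an OFFER arriving on an access port means a rogue DHCP server: dropped
        "rogue_offer": sw.dhcp("Gi1/0/7", 10, "OFFER", mac, "10.1.10.99", "Gi1/0/5"),
        # the bound client's own ARP from its own port: permitted
        "good_arp": sw.arp("Gi1/0/5", 10, mac, ip),
        # a host on Gi1/0/7 claiming the gateway's IP with no binding: dropped
        "spoofed_arp": sw.arp("Gi1/0/7", 10, "aa:aa:aa:aa:aa:07", "10.1.10.1"),
        # the right MAC/IP pair but seen on the wrong port: dropped
        "wrong_port": sw.arp("Gi1/0/7", 10, mac, ip),
    }, sw
```

Calling `demo()` returns the per-packet verdicts together with the switch, whose `log` lists the three drops a real switch would report in its DHCP snooping and DAI counters.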
Conclusion
Securing DHCP with DAI and DHCP Snooping on Cisco devices gives better defense in depth for this protocol. I have also been doing some things on TryHackMe and am now a top fan of TryHackMe, in addition to being ranked 7360 with 237 rooms completed and 35 badges.
I am posting this blog post on aaron597.com and will be able to post it on Medium as well. There are some more technologies that I would like to write about regarding Cisco and Microsoft. This is more of what I would like to write about on the aaron597.com blog.
Microsoft Solutions
SIEM, SOAR and XDR are three Microsoft solutions that provide Security Information Event Management, Security Orchestration and Automation Response, and Extended Detection and Response. The SIEM is the main system for log aggregation and alert generation. SOAR looks through events and analyzes them to automate responses to alerts or suspicious events. XDR is a system that integrates threat detection and response from security sources across the enterprise, such as cloud or networking devices.
SIEM
A SIEM is a Security Information Event Manager and is responsible for log aggregation and for the alerts that can be generated from those logs. The SIEM replaced two earlier systems, the SIM and the SEM. The SIM, Security Information Management, collected log files to identify suspicious security events. The SEM, Security Event Management, provided log aggregation for events from security software and hardware such as firewalls, IDS and IPS systems.
The main SIEM application from Microsoft is Azure Sentinel, which is more of a Security Operations Center (SOC) type of application. Azure Sentinel provides this log aggregation along with analysis, log correlation, data analysis for visualization, and log retention.
SOAR and XDR
SOAR is the Security Orchestration and Automation Response that works with a SIEM system like Azure Sentinel. It provides security orchestration by collating the logs from the SIEM and producing an automated response using AI and machine learning. This augments the SOC team and handles the more mundane and trivial detections automatically. Freeing up the SOC team results in better detection and response times.
XDR is Extended Detection and Response, which allows a response to more elaborate threat detection by using both the SIEM and SOAR systems. This improves the mean time to respond for the SOC team. XDR also correlates threat intelligence and security system logs for better SOC operations, giving the team a better chance to detect threats while reducing false positives.
Conclusion
I am using this as a blog post instead of an article. I need to work on my expertise more on the Microsoft Security applications to do a better job for my blog. I am going to be doing the Aaron W. DeJong IT Articles still and might work more on the articles for Microsoft Security concepts. This blog is going to be more on the computer networking or Cisco side of the IT house.
I will be working on more content and will update the blog on Friday for this one and aaronwdejong.net. This will allow me to complete two blog posts on a day that I normally do the aaronwdejong.net blog.
Article
I am writing an article on Azure Sentinel, as far as SIEM, SOAR, and XDR are concerned with Sentinel. This article is coming together with the knowledge that I have gained from my recent SC-900 certification. I will publish this article next week as I wrap up the writing and editing process. The article is going to be called SIEM, SOAR and XDR. It goes into the different functions in Azure Sentinel based on those three areas.
Training
My game plan for training is to study for and take both the Certified in Cybersecurity and the CCNP ENCOR exams this year. For the Certified in Cybersecurity certification, I would like to take it in July. I will wait until later in the year to take the CCNP ENCOR, or Enterprise Core, exam. In the second half of the year, I would like to do more with Python and Ruby along with Terraform and Chef programming.
Along with this training there are some things that I would like to work on next year. Currently, I am working towards the CCNP ENARSI, SSCP, SC-200 and the SAL1 from TryHackMe for next year. This will help my Microsoft and Cisco training as well as give me more exposure to the CISSP Security Operations module. The CCNP ENARSI exam is the CCNP Enterprise Advanced Routing exam and, along with the ENCOR exam, will allow me to become a CCNP Enterprise.
Blog
This is the second blog post that I have posted on aaron597.com, and the blog is working well with the Joomla server that I created. I am working on making some more content for aaron597.com and will try to do more Cisco and Microsoft. I'm interested in cybersecurity stuff too, so I will also be posting about the things that I am doing on TryHackMe and Hack The Box.
Conclusion
There are updates about my TryHackMe rank and how many badges I have earned, along with the status of my progress in the Sapphire League that I am in now. To update you on those, I am currently on a 17-day streak, ranked at 9437 with 32 badges and 211 rooms completed. I am still a Legend and ranked #11 in the Sapphire League, with the top 7 advancing to the next league.
I am working on doing more for the Cisco side and became a top fan of Router Nest and a rising fan of IT Networks on Facebook. I would still have to work on the Cisco and Microsoft communities and on social media to get enough exposure for the Cisco Champion or Microsoft MVP program. Some things are working for the better and I still have room to go before I hit the numbers needed to get into these programs.
Exploring Cisco and Microsoft
There are some things that I want to do with this new blog. I am going to be exploring Cisco and Microsoft technologies in this blog, aaron597.com. Making a new blog was tougher than I anticipated and was an experience of its own. I created this blog as another channel where I can do new blog posts and explore these Cisco and Microsoft technologies.
Introduction
My name is Aaron DeJong and currently I hold eight certifications all together. These certifications include the CompTIA ITF+ and A+, the Microsoft MS-900, AZ-900, and SC-900 in addition to the Cisco CCNA, CCST: Networking and the CCST: Cybersecurity. I am the Owner of this blog and aaronwdejong.net in addition to a Freelance Writing and IT Consulting firm located in Aurora, CO.
Goals for the Blog
According to what I want to accomplish, I want to explore the Microsoft and Cisco technologies and their relation to my expertise. This will provide a new channel to work on becoming a Cisco Insider Champion and a Microsoft MVP. I will need the certifications from Cisco and Microsoft to get this to work more effectively.
There are some things that I will keep on aaronwdejong.net, like the mental health aspects of my journey in IT. I will be posting articles by importing them into Joomla from Medium. I will also be posting more about the certifications that are relevant to this blog, in addition to the ones that I am pursuing.
Article
I worked on an article that I published on Medium, which can be found at the following link:
https://medium.com/aaron-w-dejong-it-articles/setting-up-a-joomla-server-in-akamai-ba1bd8c76463
The article is called Setting up a Joomla Server in Akamai and it is an article that I want to share with you. If you want to get into some more of my writing, I am @dejongaaron on Medium.com. Those are the articles I have done, in addition to the aaronwdejong.net blog posts that I have on there.
Conclusion
This is my first post on this platform, aaron597.com, and I will be importing it into Medium as a blog post. Please check out my other blog when you get a chance, which is aaronwdejong.net. There are some more blog posts that I am putting on Medium as well from aaronwdejong.net. Since this is the first blog post on this platform, I will let you know that I recently passed the SC-900 certification. I am looking forward to telling you more about my journey in IT.