Prerequisite Enable UEBA – Use entity behavior analytics to detect advanced threats If already have UEBA enabled, you will notice […]
Azure Sentinel – IdentityInfo table [Public Preview] Read Post »
The 12th July, Microsoft has announced the General Availability (GA) of Azure Sentinel Watchlist to all regions! Azure Sentinel watchlists
Azure Sentinel – Watchlist [General Availability] Read Post »
The new watchlist UI encompasses the following functionality: Add new watchlist items or update existing watchlist items. Select and update
Azure Sentinel – Update Watchlist UI Enhancements Read Post »
Azure Sentinel Watchlists provides the ability to quickly import IP addresses, file hashes, etc. from csv files into your Azure
Azure Sentinel – Watchlist Enhancements Read Post »
The 09 November, Microsoft announced that the public preview of the new Microsoft 365 Defender connector is now available. The
Azure Sentinel – Microsoft 365 Defender (MTP) connector now in Public Preview Read Post »
An Azure Logic App can be used in Azure Sentinel as a Playbook to be automatically invoked when an incident
Azure Sentinel – Monitoring your Logic Apps Playbooks Read Post »
Azure Sentinel playbooks help to automate tasks, improve investigations, and allow quick responses to threats. This new feature enables selection of up
Azure Sentinel – Multiple playbooks to one analytic rule Read Post »
Nice to see the Office 365 Advanced Threat Protection connector for Azure Sentinel ! Description Office 365 Advanced Threat Protection
Office 365 ATP connector for Azure Sentinel [Public Preview] Read Post »
What is Azure Sentinel Livestream? Livestream lets you run queries that refresh every 30 seconds and notifies you of any
Livestream for Azure Sentinel [General Availability] Read Post »