We are thrilled to announce a significant enhancement to our Unified Security Operations (SecOps) platform. You can now view Microsoft Sentinel workbooks directly from the Defender XDR portal without the need to tab out to the Azure portal. This update is designed to streamline your experience and improve efficiency by keeping all your essential tools in one place.
*This blog was posted on behalf of the original author, Aman Kaur. Thank you Aman for preparing this content for the community.*
Key Benefits
- Unified Viewing Experience: Microsoft Sentinel workbook templates and saved workbooks can now be accessed directly within the Defender XDR portal. This eliminates the need to switch between different portals, providing a seamless experience.
- Increased Efficiency and Time Saving: The ability to view workbooks within the Defender XDR portal cuts down on the time spent navigating between portals, leading to faster access to critical information.
- Improved User Experience: This integration simplifies the process of referencing important data and insights, making it easier for security professionals to monitor security events, analyze trends, and review historical data.
Important Note
While viewing capabilities have been integrated into the Defender XDR portal, editing or creating workbooks will still require you to navigate to the Azure portal. This ensures that you have access to the full suite of editing tools and functionalities available in Azure.
How to Get Started
Getting started with viewing Microsoft Sentinel workbooks in the Defender XDR portal is simple:
- Access the Microsoft Defender XDR Portal: Log in to the Microsoft Defender XDR portal using your credentials.
- Navigate to Microsoft Sentinel > Threat Management > Workbooks: Select any workbook.
- View Workbooks: Access and view the templates and saved workbooks directly within the portal.
Moving Forward with Sentinel Workbooks in Defender XDR Portal
With the ability to view Microsoft Sentinel workbooks directly within the Microsoft Defender XDR portal, organizations can significantly enhance their security operations. This feature empowers security teams with the tools they need to efficiently monitor, investigate, and respond to threats—all from a single interface.
By bringing together a unified viewing experience across incidents, alerts, users, devices, and files, this enhancement streamlines threat hunting, investigation, and response workflows. This ultimately helps organizations stay ahead of evolving threats and ensures they have the necessary context to protect their environment effectively.
Get started with workbooks in the unified portal today!
Updated Dec 16, 2024
Version 3.0
Matt_Lowe
Microsoft