Forum Discussion

AshleyMartin
Microsoft
May 17, 2022

New Blog Post | Investigating an Alert Using Defender for IoT and Wireshark

Investigating an Alert Using Defender for IoT and Wireshark - Microsoft Tech Community

This blog will be one in a series of blogs to discuss the above topic. We will take specific Microsoft Defender for IoT alerts and try to understand what initiated the alert and if the issue is one needing further investigation or remediation or not. We will follow a basic sequence to start the analysis. This initial sequence will be used for all the investigations.

As the blog progresses, if you have an alert of concern and you are willing to provide a pcap, we can follow this process for your alert. Any examples used would be scrubbed and addresses anonymized.
