Forum Discussion

RVC's avatar
RVC
Brass Contributor
Nov 01, 2022

SOC impact of enabling MDCA full scope

Are there some statistics available to expect the operating pressure will increase by enabling features of MDCA?     Of course, the reality depends on many other variables, but especially routing t...
Keith_Fleming's avatar
Keith_Fleming
Icon for Microsoft rankMicrosoft
Nov 01, 2022

Hi RVC,

As you said this can vary quite a bit based on a bunch of different factors.

 

One thing we've recently announced is that Defender for Cloud Apps will be moving to Microsoft 365 Defender.  To start I would recommend getting familiar with Incidents there as alerts from Cloud Apps will feed in here.  The good news is that they can also be correlated with alerts across services to provide higher fidelity incidents, so looking at multi-stage incidents in M365D first can help to reduce some of the noise.