Forum Discussion

dmarquesgn's avatar
dmarquesgn
Iron Contributor
Jun 02, 2023

Align Sentinel incident taxonomy with ENISA

Hi, I'm starting now to work with Microsoft Sentinel, and quite like it. Before we can do a more complete implementation and go into production with it, one of the things that I would like is to ali...
siem
dmarquesgn's avatar
dmarquesgn
Iron Contributor
Jun 02, 2023

cyb3rmik3 

Thanks for the input. I've also thought about tags as an option, but also thought that being ENISA well known in Europe, that Sentinel might had already some way to fit into their taxonomy.

And if there any possible way to automate the creation of tags according to the MITRE ATT&CK framework already stated in each incident?

 

Thanks

cyb3rmik3's avatar
cyb3rmik3
Icon for Microsoft rankMicrosoft
Jun 02, 2023

dmarquesgn hello,

 

you can follow the exact same method as I described earlier but choose "Tactic" as a condition to your automation rules, to assign your custom tags.

 

 

If I have answered your question, please mark your post as Solved

If you like my response, please consider giving it a like

  • dmarquesgn's avatar
    dmarquesgn
    Iron Contributor
    Jun 07, 2023

    cyb3rmik3 

    Hi,

    I'll go on and want to try the Tags in order to achieve what I need.

    Now I want to start by creating my tags. Where do I have an option to see all tags and create some new tags?

    Thanks