Forum Discussion
Microsoft Threat Intelligence Analytics
We have few domain names detected from this rule and the domain names are mentioned in the Microsoft Threat Intelligence. But the device action for the domain names is Sinkhole. We are receiving mul...
Rod_Trent
Microsoft
MicrosoftHave you considered building a Watchlist with the reported domains?
https://learn.microsoft.com/en-us/azure/sentinel/watchlists-queries
https://learn.microsoft.com/en-us/azure/sentinel/watchlists-queries