
JasonCohen1892
Jul 27, 2021

New Blog Post | Using Automated Notebooks and Azure Sentinel to Improve Sec Ops

Software Defined Monitoring - Using Automated Notebooks and Azure Sentinel to Improve Sec Ops - Microsoft Tech Community

Incident triage is a core component of security monitoring operations, and ensuring triage processes are efficient and effective is key to detecting security threats. Recent high-profile security incidents have shown that detecting threats is insufficient unless effective triage and investigation of them is conducted. In this blog we detail how to deploy and use a solution that allows for the automatic execution of Jupyter Notebooks to provide enrichment to incidents within Azure Sentinel. This process allows security analysts to triage incidents more quickly and effectively, as well as ensuring a consistent, quality approach is taken.

Original Post: New Blog Post | Using Automated Notebooks and Azure Sentinel to Improve Sec Ops - Microsoft Tech Community
