What are the Best practices used cases for Security Alerts for Cloud Security?

Question

Hello All,&nbsp;Few basic questions;&nbsp;What are best practices used cases for Security , malicious activity, cloud Security etc.&nbsp;What are top 10 or 20 used cases list for different scenario&nbsp;&nbsp;

clivewatson · Answer

Sohail_Patel&nbsp;
&nbsp;
Have you looked at the Sentinel Github (especially the Detection and maybe even the Hunting folders)&nbsp;https://github.com/Azure/Azure-Sentinel
&nbsp;
Also see SOC prime integration&nbsp;https://techcommunity.microsoft.com/t5/azure-sentinel/azure-sentinel-sigma-and-soc-prime-integration-part-1-convert/ba-p/1232903
&nbsp;
Maybe also some partner content (two seelcted at random)
https://github.com/BlueTeamLabs/sentinel-attack/tree/master/detections&nbsp;and&nbsp;https://github.com/wortell/KQL&nbsp;
&nbsp;
Also when you deploy (or just have a look) at a Sentinel connector - see:
&nbsp;
Data Connector --&gt; Open Connector Page --&gt;&nbsp; [Next Steps] --&gt; "Relevant analytic templates"&nbsp; &nbsp;
This shows any related Alerts / use cases&nbsp;
&nbsp;

Forum Discussion

What are the Best practices used cases for Security Alerts for Cloud Security?

Share

Resources