Forum Discussion
luizao_lf
Sep 15, 2020 Copper Contributor
Manage security alerts in Microsoft 365 security center (MTP), Sentinel or separately?
I am having some questions and would like to receive opinions that can contribute. I have the solutions in my environment and I'm in doubt about how to centralize everything. I have Azure Sen...
Thijs Lecomte
Sep 17, 2020 Bronze Contributor
In general MTP is used for a single pane of glass of all MS365 alerts. If you have Sentinel, Sentinel is your single pane of glass.
MTP isn't useless if you have Sentinel. MTP does a lot of correlation between alerts built in and adds intelligence of its own.
- luizao_lf Sep 17, 2020 Copper Contributor
In my environment I have 4 technologies that generate alerts in M365SC. These same technologies open up offenses in Sentinel as well. The question is, does it make sense to open the same offenses in both tools? Or would it be interesting to centralize these 4 only on the M365SC and leave Sentinel for other technologies and third-party technologies?
- Thijs Lecomte Sep 17, 2020 Bronze Contributor
I would use Sentinel for both first and third-party products. This way you have an overview of the alerts. Investigation can be done in MTP.