Forum Discussion
HeikeRitter
Microsoft
Mar 14, 2023
Ninja Cat Giveaway: Episode 3 | Sentinel integration
For this episode, your opportunity to win a plush ninja cat is the following -
Reply to this thread with: what was your favorite feature Javier presented? Oh and what does UEBA stand for?
Th...
JamieLiu5005
Mar 14, 2023
Brass Contributor
Hi Heike,
My favorite features Javier presented today are the following:
1. Data connectors. {collecting different data from other MS services or third-party applications.}
2. Analytic rules. {The way to start detecting is enabling analytics rules; as a best practice you always want to start by enabling the necessary rules (NOT everything).}
3. Content hub (Preview) {a solution gallery}
4. Bi-directional synchronization between MS Sentinel and MS 365 Defender
5. MITRE ATT&CK (Preview) {a comprehensive heat map}
6. Playbook template for automating threat response {Logic app designer}
UEBA stands for User and Entity Behavior Analytics. It is used for collecting and analyzing the data that Sentinel collects from different data sources, which it is then trained on to set baselines for entities.
Thank you!
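The reply above describes UEBA as learning per-entity baselines from collected data and then measuring new activity against them. The following is an added illustration of that idea, not code from the thread or from Microsoft Sentinel's UEBA engine: it learns a toy baseline (countries, sign-in hours and failure rate per user) from a constructed set of sign-in events, then scores a second constructed batch for deviations. The event format, the `SignIn` and `Baseline` classes and the `fail_burst_factor` threshold are all assumptions made for the example.

```python
"""Toy UEBA-style baselining. Added example; not Sentinel's UEBA implementation.

All events below are constructed for illustration. The scoring heuristics
(new country, unseen hour, failure burst vs. baseline rate) are assumptions
chosen to show the baseline-then-deviate pattern, nothing more.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class SignIn:
    user: str
    ts: datetime
    country: str
    success: bool


def _ev(user, when, country, success=True):
    return SignIn(user, datetime.fromisoformat(when), country, success)


# Constructed "training" window: ten days of routine sign-ins for two users.
BASELINE_EVENTS = [
    *[_ev("alice", f"2023-03-{d:02d}T09:05:00", "DE") for d in range(1, 11)],
    *[_ev("alice", f"2023-03-{d:02d}T17:40:00", "DE") for d in range(1, 11)],
    _ev("alice", "2023-03-04T09:30:00", "DE", success=False),   # one typo'd password
    *[_ev("bob", f"2023-03-{d:02d}T08:15:00", "US") for d in range(1, 11)],
    *[_ev("bob", f"2023-03-{d:02d}T08:20:00", "CA") for d in range(1, 11, 3)],
]

# Constructed "new" batch to score against the learned baselines.
NEW_EVENTS = [
    _ev("alice", "2023-03-15T03:12:00", "RU"),                  # new country, odd hour
    _ev("bob", "2023-03-15T08:10:00", "US"),                    # entirely normal
    _ev("mallory", "2023-03-15T10:00:00", "DE"),                # entity never seen before
    *[_ev("alice", f"2023-03-15T09:0{i}:00", "DE", success=False) for i in range(7)],
]


@dataclass
class Baseline:
    countries: set        # countries this entity has signed in from
    hours: set            # hours of day at which it has signed in
    fails_per_day: float  # average failed sign-ins per observed day


def build_baselines(events):
    """Learn one Baseline per user from a window of historical events."""
    per_user = defaultdict(list)
    for e in events:
        per_user[e.user].append(e)
    baselines = {}
    for user, evs in per_user.items():
        days = {e.ts.date() for e in evs}
        fails = sum(1 for e in evs if not e.success)
        baselines[user] = Baseline(
            countries={e.country for e in evs},
            hours={e.ts.hour for e in evs},
            fails_per_day=fails / len(days),
        )
    return baselines


def score_events(events, baselines, fail_burst_factor=5.0):
    """Return (user, score, reasons) for every new event that deviates from its baseline.

    Failures are counted cumulatively per user and day, so only the failures
    beyond the burst threshold are flagged rather than the whole day's worth.
    """
    running_fails = Counter()
    findings = []
    for e in sorted(events, key=lambda ev: ev.ts):
        b = baselines.get(e.user)
        reasons = []
        if b is None:
            reasons.append("no baseline for entity")
        else:
            if e.country not in b.countries:
                reasons.append(f"first sign-in from {e.country}")
            if e.ts.hour not in b.hours:
                reasons.append(f"unusual hour {e.ts.hour:02d}")
            if not e.success:
                running_fails[(e.user, e.ts.date())] += 1
                burst = running_fails[(e.user, e.ts.date())]
                if burst > max(1.0, b.fails_per_day) * fail_burst_factor:
                    reasons.append(f"{burst} failures today vs baseline {b.fails_per_day:.1f}/day")
        if reasons:
            findings.append((e.user, len(reasons), reasons))
    return findings


def run():
    return score_events(NEW_EVENTS, build_baselines(BASELINE_EVENTS))


if __name__ == "__main__":
    for user, score, reasons in run():
        print(f"{user:8} score={score} {'; '.join(reasons)}")
```

Running it flags alice's night-time sign-in from a new country, the sixth and seventh failed attempts in her burst, and the never-seen entity mallory, while bob's routine sign-in produces nothing; the point is that the same raw sign-in data yields different verdicts per entity because each is judged against its own history.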