Event details
During Microsoft Secure you learned about the latest innovations around Microsoft's SIEM and XDR solution. Join this Ask Microsoft Anything (AMA) session to get your questions about Microsoft Sentine...
Trevor_Rusher
Updated Dec 27, 2024
John Aubrey
Apr 13, 2023
Occasional Reader
We are just starting down the Sentinel/XDR/SIEM/SOAR route. We didn't have anything in place before this outside Defender AV. We have some alerts and hunting queries set up, but is there a next step? Where do you see customers going from here? What are the hurdles that are commonly seen from customers?
- Heather_Poulsen Apr 17, 2023
Community Manager
Thanks for participating in the Tech Accelerator! For reference, the panel covered this topic at around 13:50.
- Dean_Gross Apr 13, 2023
Silver Contributor
John, I frequently see our clients focusing on using their new tools like Sentinel when they have not yet ensured that security baselines are in place. People go for the new shiny things instead of doing the basics. I strongly recommend focusing on implementing the secure score recommendations because this will decrease the noise in Sentinel. Also, spend some time getting familiar with the numerous Workbooks in Sentinel; they will provide a wealth of information about the environment. Make sure to use Watchlists; they can provide many benefits.