Microsoft Defender for Identity AMA
Event Ended
Wednesday, Jun 29, 2022, 09:00 AM PDT
We are very excited to announce our Microsoft Defender for Identity AMA!
An AMA is a live text-based online event similar to a “YamJam” on Yammer or an “Ask Me Anything” on Reddit. This AMA giv...
Trevor_Rusher
Updated Jun 29, 2022
blods
Jun 28, 2022, Brass Contributor
What is the overlap with Defender for Identity and Sentinel log analytics? Do all logs need to be in the same region or in the same log analytics area for Defender to take advantage of logs, or does it operate outside of that?
Arjan van Veen
Jun 29, 2022, Copper Contributor
In my opinion there is no overlap... those are 2 different products... But you can utilize the raw data of MDI into Sentinel to correlate also other data sources with the raw data of MDI. The second question I do not really understand... but I think the answer is Yes 🙂
YaronParyanty
Jun 29, 2022, Microsoft
The core of MDI is the powerful detection engine that is made possible by performing deep packet inspection and Windows events collected from the domain control. Sentinel log analytics store events and provide users with tools to slice and dice the data and create queries. They are complementary solutions that can be used side by side for different purposes. You can stream the MDI alert information and evidence from M365D into Sentinel and you can use M365D Advanced Hunting to send additional data to Sentinel Log Analytics. It’s up to the customer to decide on which regions to use for each of the products.