Azure Sentinel product updates

Microsoft

Changes and new features

 

  • Cases are now incidents: to better align with other Microsoft products, the term "cases" is changing to "incidents".

  • Incident comments: the comments feature lets customers write multiple comments in the scope of an incident and review them under the Comments tab on the incident page.

  • We have removed the option to auto-deploy a CEF/Syslog connector VM. While convenient, the auto-deployed VM was not a managed VM: customers were responsible for securing it themselves, so we understood that it might present a security risk. Customers who need a CEF/Syslog forwarder now deploy the VM themselves and remain responsible for hardening it.

Blog posts

 

Other

 

Edoardo Gerosa and Olaf Hartong have presented "Sentinel ATT&CK" at DefCon. It aims to simplify rapid deployment of a threat hunting capability on Azure Sentinel that leverages Sysmon and MITRE ATT&CK. Cool stuff, and tons of out-of-the-box detections.

1 Reply
Just a little late. Noticed this during a customer demo ;)