Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
Azure WAF Notebook for Microsoft Sentinel
Published Mar 02 2023 02:43 PM 3,174 Views

Azure Web Application Firewall (Azure WAFdetects SQLI attacks and applies block mitigations by default. In certain instances, this could be a false positive that requires investigation and creation of Azure WAF exclusions. In order to complete a successful investigation, full context about the attack is needed and a process that guides you through the investigation is required. Such a guided investigation process is automated in this Microsoft Sentinel Notebook and allows you to tune Azure WAF policy with minimal user interaction.

This Notebook analyzes SQL injection attacks on Azure WAF integrated with Azure Front Door premium and implements automated exclusions.

This notebook is released in preview.

You can find step-by-step instructions on how to use the Notebook here:


Version history
Last update:
‎Mar 02 2023 01:55 PM
Updated by: