cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Detection capability of Azure Sentinel

zubairrahimsoc
Copper Contributor

‎Aug 19 2021 07:03 AM

‎Aug 19 2021 07:03 AM

Detection capability of Azure Sentinel

There are some built-in Analytics rules based on data sources beside that how you increase the detection capability of Azure Sentinel? What I want to know that do you looking the latest IOCs and create a custom rules , did you map the azure sentinel with MITRE and what are some good platform where i find threat detection queries/rules for Azure Sentinel.

Thanks

675 Views
0 Likes
1 Reply
Reply
1 Reply
pvanberlo

‎Aug 19 2021 08:06 AM

‎Aug 19 2021 08:06 AM

Re: Detection capability of Azure Sentinel

Adding custom analytics rules is almost a requirement while you work with Sentinel. Although it comes with some out of the box stuff, you may have your own preferences when it comes to rules to use while detection threats. A good source for community provided KQL and other Sentinel resources would be https://github.com/Azure/Azure-Sentinel.
1 Like
Reply