New Blog Post | Understanding API connections for your Azure Sentinel Playbooks

%3CLINGO-SUB%20id%3D%22lingo-sub-2595310%22%20slang%3D%22en-US%22%3ENew%20Blog%20Post%20%7C%20Understanding%20API%20connections%20for%20your%20Azure%20Sentinel%20Playbooks%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2595310%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22JasonCohen1892_0-1627581052387.png%22%20style%3D%22width%3A%20999px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F299245i918C06A696C5043A%2Fimage-size%2Flarge%3Fv%3Dv2%26amp%3Bpx%3D999%22%20role%3D%22button%22%20title%3D%22JasonCohen1892_0-1627581052387.png%22%20alt%3D%22JasonCohen1892_0-1627581052387.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fazure-sentinel%2Funderstanding-api-connections-for-your-azure-sentinel-playbooks%2Fba-p%2F2593973%22%20target%3D%22_blank%22%3EAPI%20connections%20and%20permissions%20for%20Azure%20Sentinel%20Playbooks%20(microsoft.com)%3C%2FA%3E%3C%2FP%3E%0A%3CP%3EIn%20addition%20to%20being%20a%20Security%20Information%20and%20Event%20Management%20(SIEM)%20tool%2C%20Azure%20Sentinel%20is%20a%20Security%20Orchestration%2C%20Automation%2C%20and%20Response%20(SOAR)%20platform.%20Automation%20takes%20a%20few%20different%20forms%20in%20Azure%20Sentinel%2C%20from%20automation%20rules%20that%20centrally%20manage%20the%20automation%20of%20incident%20handling%20and%20response%2C%20to%20playbooks%20that%20run%20predetermined%20sequences%20of%20actions%20to%20provide%20powerful%20and%20flexible%20advanced%20automation%20to%20your%20threat%20response%20tasks.%26nbsp%3BIn%20this%20blog%20we%20will%20be%20focusing%20on%20playbooks%20and%20understanding%20application%20programming%20interface%20(API)%20permissions%2C%20connections%2C%20and%20connectors%20in%20Azure%20Sentinel%20playbooks.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EOriginal%20Post%3A%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fsecurity-compliance-and-identity%2Fnew-blog-post-understanding-api-connections-for-your-azure%2Fm-p%2F2595308%23M6127%22%20target%3D%22_blank%22%3ENew%20Blog%20Post%20%7C%20Understanding%20API%20connections%20for%20your%20Azure%20Sentinel%20Playbooks%20-%20Microsoft%20Tech%20Community%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Microsoft

JasonCohen1892_0-1627581052387.png

API connections and permissions for Azure Sentinel Playbooks (microsoft.com)

In addition to being a Security Information and Event Management (SIEM) tool, Azure Sentinel is a Security Orchestration, Automation, and Response (SOAR) platform. Automation takes a few different forms in Azure Sentinel, from automation rules that centrally manage the automation of incident handling and response, to playbooks that run predetermined sequences of actions to provide powerful and flexible advanced automation to your threat response tasks. In this blog we will be focusing on playbooks and understanding application programming interface (API) permissions, connections, and connectors in Azure Sentinel playbooks.

 

Original Post: New Blog Post | Understanding API connections for your Azure Sentinel Playbooks - Microsoft Tech Com...

0 Replies