Unified Security Operation Sentinel Vs Defender Tables
I have a question regarding the Unified SOC portal. In the session below, they highlighted one advantage: the ability to use Defender and Sentinel Tables together. However, both the SignInLogs and DeviceLogonEvents tables are already accessible in Sentinel through the Defender connector. Am I missing something, or did they use an incorrect example to demonstrate an advantage that Sentinel already provides? Unified Security Operations Platform GA launch and exclusive demoReminder: Microsoft Sentinel AMA TODAY (9/6) at 8:00AM PST!
Hello! This is a reminder to join us in 5 MINUTES on Wednesday 9/6, at 8:00AM PST for an AMA (Ask Microsoft Anything) with the Microsoft Sentinel team! This will be a text-based live hour of answering all your questions relating to the SIEM solution. Join here: aka.ms/SentinelAMA
New Blog Post | Microsoft Sentinel this Week – Issue #76
Microsoft Sentinel this Week – Issue #76 - Azure Cloud & AI Domain Blog (azurecloudai.blog) Many of you are already familiar with the Microsoft Security Insights show that is hosted each Wednesday evening. For those not familiar, the hour-long dialog show introduces guests from various areas within Microsoft and some of our partners. It delivers live starting at 5pm EST every Wednesday. For those that miss the live event and miss asking live questions, the replay is available immediately after and the audio is delivered as a podcast the week after. As an example, the next episode (117) is on August 31st, and features Kara Cole (CxE Program Manager) and Kim Griffiths (Program Manager for CxE and CAT). You can subscribe to the YouTube channel or set a notification to be reminded here: https://youtu.be/zkxgKQPUqsg This one will be extra interesting as a recent guest, Gary Bushey, will be guest hosting. Kara is Gary’s manager. Imagine trying to interview your own boss on a podcast. We’ve recently changed our streaming platform to deliver to more people at once and begun to delve deeper into other engagement areas. This is in preparation for a Microsoft Security Insights conference we’re planning in February 2023. More to come on that and, if this interests you, you can keep tabs on the updates in our just christened LinkedIn page: https://www.linkedin.com/company/microsoft-security-insights-show/New Blog Post | Microsoft Sentinel this Week - Issue #58
Microsoft Sentinel this Week - Issue #58 | Revue (getrevue.co) Happy Friday everyone! Thanks to everyone that’s been here for a while and welcome to all the new subscribers this week. Before getting into the content of the newsletter, there’s a few things to highlight… … First off, we have a couple YAMS (yet another Microsoft survey). It’s getting near the end of the fiscal year at Microsoft, so expect a few more of these to filter through in the coming weeks as planning for product features and enhancements commences. Not that Sentinel isn’t already in a continual update cycle, just that there’s some decision points that need to be made and we need your help to decide where to focus. The first one is focused on the Out-of-the-box Content that Microsoft Sentinel provides. Microsoft Sentinel provides more than 100+ Solutions, 190+ data connectors and thousands of individual contents (workbooks, playbooks, watchlist, hunting queries, analytics rules etc.) available out of the box. Your feedback will help us better understand the content that is most useful to you and will help your experience with the product. Survey link: https://cda.ms/49p The second one, is about the URL detonation feature. Security operations center (SOC) analysts constantly face the challenge of determining where to focus. URL detonation in Microsoft Sentinel provides insights that can enable SOC analysts to triage alerts faster. For example, logs ingested by Microsoft Sentinel can contain URLs. For alerts that include a URL (e.g., a URL visited by a user from within the corporate network), that URL can be automatically detonated to gain added insight that can help accelerate the triage process. We are looking to better understand how you utilize the URL detonation feature for your investigation efforts and how we can improve the capability. Survey link: https://cda.ms/49q … Well, we made it. Myself and my colleagues kicked off the inaugural episode of the Microsoft Security Insights show on Microsoft Reactor Wednesday evening. The show was a good one. Some of you showed up for the live event and provided commentary and questions. I hope you enjoyed listening and watching. For those that missed it, the replay is available now. With Matt Soseman as our guest, the conversation turned to the obvious topics of Zero Trust and Identity security. Each time I talk to Matt, I feel like I’m smarter afterward. And I know you’ll feel that way, too. Catch the latest episode here: https://cda.ms/49r And you can prepare now for our next Microsoft Reactor episode on May 25th when our good friend and Microsoft Sentinel PM, Jing Nghik will be on. You can jump out and set a reminder to tune in here: https://cda.ms/49s … I have a few other things I wanted to chat about this week, but I’ll save that for next issue as I’m fighting through a head cold as I write this. Have a great week, everyone! Talk soon… -Rod Original Post: New Blog Post | Microsoft Sentinel this Week - Issue #58 - Microsoft Tech CommunityJune 2020 | Public Security Community Webinar series
We are excited to announce our Summer 2020 series security webinars. Details and registration are at https://aka.ms/SecurityWebinars. Interested in some bite-sized security tips? Check out our short videos at https://aka.ms/SecurityCommunityVideos. To stay informed about future webinars and other events, join our Security Community at https://aka.ms/SecurityCommunity. We hope you will join us!Azure Sentinel | Spring 2020 Public Webinars
We are excited to announce the following Azure Sentinel webinars: March 31 | Azure Sentinel: Extending and Integrating Sentinel (APIs) Presenter: Preeti Krishna and Ofer Shezaf April 20 | Azure Sentinel: MSSP Support Presenter: Ofer Shezaf April 22 | Azure Sentinel: Threat Hunting on AWS using Sentinel Presenter: Ashwin Patil For details and registration go to aka.ms/SecurityWebinars.
