Microsoft Tech Community

New Blog Post | Automatically Extend Multiple Suppression Rules on Security Alerts

Microsoft


Azure Defender helps organizations be more secure by providing dedicated security analytics for a variety of workloads. Once you’ve enabled Azure Defender for the workload you need, you will receive alerts based on the analytics that were created to detect threats for the type of workload you selected. To ensure security alerts meet your organization’s specific requirements, you can create suppression rule(s) to fine-tune alerts. Each suppression rule has an expiration date, which can be altered either through the Azure portal or the REST API.

The purpose of this article is to highlight an automation that organizations can use to automatically extend the expiration date of all enabled suppression rules that are about to expire. This automation has been published to the Azure Security Center GitHub repository, from where it can be deployed directly to your environment through the provided ARM template.

Original Post: New Blog Post | Automatically Extend Multiple Suppression Rules on Security Alerts - Microsoft Tech ...
