Sentinel OT SOC | Solution Release 1.0.13

Microsoft
We are happy to announce the Public Preview of an updated solution package in Sentinel Content Hub for Microsoft Defender for IoT customers!
Defender for IoT's built-in integration with Sentinel helps bridge the gap between IT and OT security challenges.

In this release, we are introducing another upgrade that streamlines SOC workflows for analyzing, investigating, and responding quickly and efficiently to OT incidents:


  • Streamlined SOC workflow: when Microsoft Sentinel updates an incident's status, the corresponding alert status in Defender for IoT is updated automatically. After updating the solution, make sure that you also take the required steps to ensure that the new playbook works as expected.
  • IoT/OT context for SOC analysts: IoT/OT devices are displayed inside incidents created by Sentinel's solution package.
  • Easy navigation between Sentinel incidents created by the solution package and Defender for IoT alerts, through the MDIoT alert link on Sentinel's incident page.
  • New SOC workflow for the ‘No traffic on sensor detected’ use case.
Additional information can be found here: documentation