Jul 21 2022 11:15 AM
Jul 25 2022 06:39 AM
@amitcohen Is the webinar also about the way D4IOT alert and device information is made available to Sentinel when using the on-premise management console? As far as I can see, the current documentation is always assuming that a cloud connected sensor is used.
Jul 26 2022 02:30 AM
@mwittersict Defender for IoT integration to Sentinel can be done in two ways: either using cloud-connected sensors or non-cloud-connected sensors.
In the webinar, we will focus on the new integration that requires a cloud-connected sensor as a prerequisite, since most of the advanced features of a unified OT/IT SOC are available for that kind of integration.
Aug 07 2022 01:26 PM
Aug 07 2022 11:49 PM - edited Aug 07 2022 11:50 PM
Hi @CindySvB2022,
Yes. You can find the recording here:
https://www.youtube.com/watch?v=nbCg8jlR1Gk
Oct 09 2022 08:52 AM
How come the vendor's actions created multiple incidents? I thought that Sentinel would be correlating all of the alerts into one incident. @amitcohen
Oct 11 2022 12:50 AM
Hi @Dean Gross,
It is possible to define in Sentinel whether you want to create a separate incident for each Defender for IoT alert or whether you want to group a few alerts into the same incident.
Oct 11 2022 05:11 AM
@amitcohen I understand that option exists; I just don't understand why it would be necessary. All of the alerts shown in the demo are obviously part of the same incident, so how come they were not correlated automatically? This is supposed to be one of the key benefits of Sentinel.