Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

MDI Alert Correlation with MDE

Brass Contributor

I get a lot of SAM-R Alerts on from my Quires on my Honeytoken from Devices. I can't tell what application is making the query from the devices. This might be expected but how do I get the details from MSD4End that I can correlate with the MD4I alert? Are there any ways to get visibility into this endpoint? 

0 Replies