cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Microsoft Sentinel Blog
Options
733

Deploying Microsoft Sentinel Threat Monitoring for SAP agent into an AKS/Kubernetes cluster

MSFT_AndrewLomakin on Jul 05 2022 12:00 PM
Step by step walkthrough on how to deploy the Deploying Microsoft Sentinel Threat Monitoring for SAP agent into an AKS/K...
1,459

What’s new: Centrally manage automated response to alerts with automation rules

liortamir on Jul 04 2022 07:48 AM
Centrally manage automated response to alerts with automation rules.
2,295

Become a Microsoft Sentinel Automation Ninja!

BenjiSec on Jul 01 2022 06:37 AM
The number of security incidents and information related to them are rising daily. Traditional tools and methods aren’t ...
1,296

Import Anomali ThreatStream Feed into Microsoft Sentinel

RijutaKapoor on Jun 29 2022 09:54 AM
Bring threat intelligence from Anomali ThreatStream into Microsoft Sentinel using TAXII Data Connector
2,493

Microsoft Sentinel Automation Tips & Tricks – Part 1: Automation rules

BenjiSec on Jun 28 2022 05:32 AM
It this multi-series blog posts, we will cover tips and trick when using Microsoft Sentinel Automation. In part one, we ...
2,103

Correlating Microsoft Defender for Cloud alerts in Sentinel

romarsia on Jun 22 2022 05:21 AM
Incident load is one of the major pain points of modern SOC. One of the methods used to manage alert fatigue is using gr...
2,614

Microsoft Threat Intelligence Matching Analytics: IP Detections

RijutaKapoor on Jun 16 2022 03:26 PM
Microsoft Threat Intelligence Matching Analytics: IP Detections
5,766

I'm Being Attacked, Now What?

TJBanasik on Jun 08 2022 09:42 AM
Learn how to respond to attacks with the Microsoft Sentinel: Threat Analysis & Response Solution while applying SOAR rem...
1,650

Import Pulsedive Feed into Microsoft Sentinel

RijutaKapoor on Jun 07 2022 12:06 PM
Bring threat intelligence from Pulsedive into Microsoft Sentinel using TAXII Data Connector
2,269

Plan, Track, and Configure Your Microsoft Sentinel Deployment/Migration with This New Workbook

Matt_Lowe on Jun 07 2022 12:03 PM
Planning and executing a SIEM deployment/migration can get a little messy. To assist with this process for Microsoft Sen...
5,018

Announcing the Microsoft Sentinel Hackathon Spring 2022 winners

Preeti_Krishna on Jun 06 2022 01:48 PM
Check out the Microsoft Sentinel Hackathon Spring 2022 winners and the awesome cybersecurity solutions!
1,620

Celebrating the Microsoft Sentinel Ecosystem at RSAC 2022

Sarah Fender on Jun 06 2022 08:00 AM
At the RSA Conference this week, where hundreds of security vendors, researchers, and analysts will converge in San Fran...
1,682

Analytic rules - 'Sentinel entities' new entity type

romarsia on Jun 06 2022 05:37 AM
Kusto Query Language(KQL) is a powerful tool to explore your data, helping you discover patterns, identify anomalies and...
989

Using Forcepoint NGFW advanced workbook to gain deep security analytics and insights

Rafik Gerges on Jun 03 2022 05:54 AM
This workbook will help you gain deep security insights, application protocol analytics, as well as monitoring the admin...
4,455

Guided Hunting Notebook: Azure Resource Explorer

JannieLi on Jun 02 2022 01:32 PM
While hunting in Azure, you might find yourself pivoting from one resource to another or find that you may want to see t...
2,047

What’s new: Automate full incident lifecycle with incident update triggers

liortamir on May 31 2022 09:24 AM
Teams can now create automation rules and playbooks which run when incident fields are modified – for example, when an o...
3,059

Export Historical Log Data from Microsoft Sentinel

AmritpalSingh on May 31 2022 08:46 AM
Big data security analytics and ML requires data ETL that is both flexible and highly performant and scalable. In this b...
2,120

What’s new: incident expansion – relate alerts to incidents

Ely_Abramovitch on May 25 2022 10:33 AM
Expand the scope of your investigation and track sophisticated attacks with Microsoft Sentinel
1,841

Import ReversingLab’s Ransomware Feed into Microsoft Sentinel

RijutaKapoor on May 24 2022 02:15 PM
Bring threat intelligence from ReversingLabs into Microsoft Sentinel using TAXII Data Connector to combat Ransomware att...
4,838

Announcing the Microsoft Sentinel: NIST SP 800-53 Solution

TJBanasik on May 16 2022 09:31 AM
The Microsoft Sentinel: NIST SP 800-53 Solution enables compliance teams, architects, SecOps analysts, and consultants t...
3,119

What's new: Similar incidents in Microsoft Sentinel

Ely_Abramovitch on May 15 2022 04:54 AM
Uncover connections to other incidents that are similar to the one you are investigating with the new Similar incidents ...
2,577

Automating bulk onboarding of Azure IaaS and PaaS resources into Microsoft Sentinel

Rafik Gerges on May 13 2022 06:19 AM
The end-to-end guide details the onboarding of Azure IaaS and PaaS resources into Microsoft Sentinel as well as ensuring...
1,909

Search, Investigate, & Respond to Indicators of Compromise with the Threat Intelligence Workbook

TJBanasik on May 12 2022 07:30 AM
We’re releasing the next evolution of the Threat Intelligence Workbook to provide enhanced capabilities in both indicato...
4,171

What’s new: Closer integration between Microsoft Sentinel and Microsoft 365 Defender

ShaharAviv on May 11 2022 03:12 PM
Over a year ago, we first announced the integration between Microsoft Sentinel and Microsoft 365 Defender as part of the...
2,654

Bring Threat Intelligence from SEKOIA.IO using TAXII data connector

RijutaKapoor on May 09 2022 10:28 AM
Bring Threat Intelligence from SEKOIA.IO using TAXII data connector
4,450

Unleash the Power of Modern SecOps with Microsoft Sentinel SOAR

Sarah Fender on May 09 2022 05:30 AM
Protecting the modern enterprise from increasing cyberthreats requires a modern approach to security operations (SecOps)...
1,492

Microsoft Sentinel for SAP News - Dynamic SAP Security Audit Log Monitor feature available now!

MSFT_AndrewLomakin on May 09 2022 05:30 AM
A new public preview feature available this week for Microsoft Sentinel for SAP solution, that allows to parse most of t...

Latest Comments

BenjiSec
in Become a Microsoft Sentinel Automation Ninja! on Jul 06 2022 09:41 AM
Hi @Iheanyi - thanks for reporting. Link fixed now.
1 Likes
in Log sources and analytics rules coverage workbook: see how your tables are being used on Jul 06 2022 04:21 AM
Hi, the link to GitHub doesnt work. Therefore, I searched Github to find the workbook which I managed to do. When coping the JSON to paste into advanced editor, there is an error. Any help would be appreciated.
0 Likes
Iheanyi
in Become a Microsoft Sentinel Automation Ninja! on Jul 06 2022 03:12 AM
@BenjiSec Thanks for the blog, really helpful curation of content. Just want to point out that the link to the SOAR content catalog appears to be broken https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/become-a-microsoft-sentinel-automation-ninja/ba-p/Microsoft%20Sentinel%20SOAR%20cont...
0 Likes
Julian Taaje
in Using Microsoft Teams Adaptive Cards to enhance incident response in Microsoft Sentinel on Jul 06 2022 02:14 AM
Ok - not a good solution for MSSP use, then. Thank you!
0 Likes
BenjiSec
in Become a Microsoft Sentinel Automation Ninja! on Jul 06 2022 12:40 AM
Hi @raju_ninja007 - we are already thinking about it. 
0 Likes