Recent Blogs
12 MIN READ
On September 30, 2025, Microsoft announced the general availability of the Microsoft Sentinel data lake, designed to centralize and retain massive volumes of security data in open formats like delta ...
Sep 30, 2025
509 Views
1 like
4 Comments
Unlocking Seamless Security Data Integration
Sep 30, 2025
384 Views
3 likes
0 Comments
One of the main changes and advantages of onboarding Microsoft Sentinel to the Defender portal is the fact that alerts are automatically correlated into single incidents. Alert correlation will kick ...
Sep 26, 2025
940 Views
2 likes
0 Comments
Automate Security Workflows in Microsoft Sentinel with BlinkOps
Security teams are under increasing pressure to respond faster to threats while managing growing complexity across their environments...
Sep 18, 2025
707 Views
1 like
0 Comments
Thanks to Javier Soriano, Principal Product Manager - OneSOC Customer Experience Engineering, for the peer review
Introduction
Although the recommended approach is to not have multiple SIEM solut...
Sep 10, 2025
575 Views
1 like
0 Comments
Co-author - Ashwin Patil
Security teams today face an overwhelming challenge: every data point is now a potential security signal and SOCs are drowning in complex logs, trying to find the needle in...
Sep 09, 2025
3.8K Views
5 likes
2 Comments
Key updates
On April 3, 2025, we publicly previewed two new tables to support STIX (Structured Threat Information eXpression) indicator and object schemas: ThreatIntelIndicators and ThreatIntelObje...
Aug 05, 2025
3.5K Views
1 like
2 Comments
Welcome to the third entry of our blog series on automating Microsoft Sentinel.
In this series, we’re showing you how to automate various aspects of Microsoft Sentinel, from simple automation of Se...
Jul 16, 2025
2.1K Views
0 likes
0 Comments
21 MIN READ
Introduction
A huge thank you to MariaSousaValadas for contributing and reviewing this post
In a SIEM you may need to upload data for correlation, such as high value assets, IP ranges from your ...
Jul 14, 2025
1.9K Views
3 likes
0 Comments
Microsoft Sentinel is moving to the Microsoft Defender portal to deliver a unified, AI-powered security operations experience. Many customers have already made the move. Learn how to plan your transi...
Jul 10, 2025
827 Views
0 likes
0 Comments
Tags
- microsoft sentinel (219 Topics)
- investigation (99 Topics)
- security (96 Topics)
- what's new (92 Topics)
- detection (86 Topics)
- siem (86 Topics)
- hunting (65 Topics)
- soar (45 Topics)
- threat hunting (36 Topics)
- solutions (35 Topics)