Microsoft Sentinel Blog | Microsoft Community Hub

Latest Blog Articles

8 MIN READ

Deploy Microsoft Sentinel using Bicep

Bicep is becoming a popular way of deploying Microsoft Sentinel. This article will show how this can be done as well as deploying solutions from the Content Hub and Analytic Rules.

GBushey Microsoft Sentinel Blog

Oct 24, 2024

4.8KViews

3likes

1Comment

7 MIN READ

Save money on your Sentinel ingestion costs with Data Collection Rules

Learn how to reduce your data volume while also collecting the information with the highest security/detective value to your org.

Jon_Shectman Microsoft Sentinel Blog

Oct 15, 2024

Best Practices

Data Collection

Microsoft Sentinel

Security Operations

SIEM

4.6KViews

1like

0Comments

1 MIN READ

What to do if your Sentinel Data Connector shows as [DEPRECATED]

Several Sentinel users raised the alarm that several of the data connectors they were using suddenly show as deprecated in the user interface.

AndreaFisher Microsoft Sentinel Blog

Oct 15, 2024

2.1KViews

0likes

2Comments

7 MIN READ

Cowrie honeypot and its Integration with Microsoft Sentinel.

Honeypot: Honeypot is a security mechanism designed to attract, detect, and analyze malicious activities and attackers by simulating a vulnerable system or network service. The primary purpose of a...

VipulDabhi Microsoft Sentinel Blog

8.2KViews

0likes

1Comment

3 MIN READ

Introducing the Use Cases Mapper workbook

1. Intro While looking for the most effective use cases for Sentinel, it usually makes sense to start with data sources that already exist in some way in the corporate environment, whether due to a ...

mariocuomo Microsoft Sentinel Blog

3.5KViews

0likes

0Comments

1 MIN READ

Level Up Your Security Skills with the New Microsoft Sentinel Ninja Training!

If you’ve explored our Microsoft Sentinel Ninja Training in the past, it’s time to revisit! Our training program has undergone some exciting changes to keep you ahead of the curve in the ever-evolv...

Josefa_Sepulveda Microsoft Sentinel Blog

Microsoft Defender XDR

Security Operations

4.1KViews

4likes

1Comment

3 MIN READ

What's New: Global Search in Unified Security Operations platform includes Sentinel user and devices

We are thrilled to announce a significant enhancement to our Unified Security Operations (SecOps) platform. The Global Search feature in the Defender XDR portal now supports searching for Microsoft S...

Aman_Kaur Microsoft Sentinel Blog

Sep 25, 2024

Microsoft Defender XDR

2.3KViews

0likes

1Comment

7 MIN READ

Detecting AiTM Phishing via 3rd-Party Network events in Unified Security Operations Platform

We would like to provide new update on AiTM (Adversary-in-the-Middle) phishing attacks hunting query with the Unified Security Operations Platform. These queries are revised versions from the blog po...

Arjun_Trivedi Microsoft Sentinel Blog

Sep 23, 2024

5KViews

4likes

0Comments

6 MIN READ

The power of Data Collection Rules: Detect Disabling Windows Defender Real-Time Protection

Although Defender for Endpoint (MDE) consists of various protections against tampering and of alerts to detect it, adversaries are constantly trying to find a way to successfully circumvent and termi...

miriamwiesner Microsoft Sentinel Blog

Sep 23, 2024

2.6KViews

2likes

0Comments

7 MIN READ

The power of Data Collection Rules: Monitoring PowerShell usage

PowerShell is a great tool for administrators to manage devices and servers in their environment. When using it to administer remote systems with PSRemoting, you don’t leave credentials behind on the...

miriamwiesner Microsoft Sentinel Blog

Sep 16, 2024

6.3KViews

3likes

5Comments

Latest Blog Articles

Deploy Microsoft Sentinel using Bicep

Save money on your Sentinel ingestion costs with Data Collection Rules

What to do if your Sentinel Data Connector shows as [DEPRECATED]

Cowrie honeypot and its Integration with Microsoft Sentinel.

Introducing the Use Cases Mapper workbook

Level Up Your Security Skills with the New Microsoft Sentinel Ninja Training!

What's New: Global Search in Unified Security Operations platform includes Sentinel user and devices

Detecting AiTM Phishing via 3rd-Party Network events in Unified Security Operations Platform

The power of Data Collection Rules: Detect Disabling Windows Defender Real-Time Protection

The power of Data Collection Rules: Monitoring PowerShell usage

Resources

Share

Tags