cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Microsoft Sentinel Blog
Options
4,824

Public preview announcement: Defender for IOT solution for Microsoft Sentinel

yohasson on Oct 11 2022 08:50 AM
We are excited to announce the public preview of our Defender for IoT solution for Microsoft Sentinel. With this solutio...
11.6K

Announcing the enhanced Microsoft Sentinel AWS CloudTrail solution, powered by new MITRE-Based Rules

Daniel_Davrayev on Oct 07 2022 07:37 AM
Use the updated Microsoft Sentinel AWS CloudTrail solution to better protect your AWS environment. The updated solution ...
3,715

Anomaly detection on the SAP audit log using the Microsoft Sentinel for SAP solution

OferInbar on Sep 29 2022 11:03 AM
Organizations who use the Microsoft for SAP solution obtain valuable security insights from events in the SAP security a...
5,270

IoT Entity Page - Enhance IoT/OT Threat Monitoring in Your SOC with Sentinel and Defender for IoT

Maayan_Magenheim on Sep 22 2022 07:50 AM
The new IoT device entity page is designed to help your SOC investigate incidents that involve IoT/OT devices in your en...
5,805

Introduction to Machine Learning Notebooks in Microsoft Sentinel

vani_asawa on Sep 14 2022 08:28 AM
Learn more about using machine learning notebooks in Microsoft Sentinel, to surface unusual behaviour in your cloud envi...
4,045

Microsoft Sentinel customizable machine learning based anomalies is Generally Available

Ed_Gardner on Sep 12 2022 10:52 AM
Come see what’s new since Public Preview!
6,072

Create and delete incidents in Microsoft Sentinel

MichalShechter on Sep 12 2022 04:21 AM
This article will walk you through the ability to create incidents in Microsoft Sentinel using the portal and playbooks,...
3,246

Power of Threat Intelligence sprinkled across Microsoft Sentinel

RijutaKapoor on Sep 06 2022 08:00 AM
Power of Threat Intelligence sprinkled across Microsoft Sentinel 
3,677

Troubleshoot Amazon Web Services S3 connector issues

Yael_Bergman on Aug 31 2022 05:46 AM
This article describes common methods for verifying and troubleshooting an Amazon Web Services S3 connector for Microsof...
27.5K

Enabling AD FS Security Auditing 📡 and Shipping Event Logs to Microsoft Sentinel 🛡️

Cyb3rWard0g on Aug 26 2022 08:57 AM
Active Directory Federation Service (AD FS) enables Federated Identity and Access Management by securely sharing digital...
15.9K

Hunting for Teams Phishing with Microsoft Sentinel, Defender, Microsoft Graph and MSTICPy

Pete Bryan on Aug 17 2022 08:00 AM
As a growing amount of our communications are moving from traditional formats such as in-person meetings and email, to i...
4,703

Azure resource entity page - your way to investigate Azure resources

Maayan_Magenheim on Aug 17 2022 12:34 AM
Azure resources such as Azure Virtual Machines, Azure Storage Accounts, Azure Key Vault, Azure DNS, and more are essenti...
9,721

New ingestion-SampleData-as-a-service solution, for a great Demos and simulation

Yaniv Shasha on Aug 12 2022 11:06 AM
Demonstrating Microsoft Sentinel features, that include security incidents, alerts, workbooks, meaningful hunting querie...
8,194

Detect Masqueraded Process Name Anomalies using an ML notebook

jurege on Aug 11 2022 09:10 AM
Process Masquerading is an extremely common attack-vector technique. It occurs when the name or the location of a legiti...
21.2K

Hunting for Low and Slow Password Sprays Using Machine Learning

AmritpalSingh on Aug 11 2022 09:05 AM
Bring your sign-in data and use our new machine learning Sentinel notebook to surface patterns of anomalous activity, at...
7,971

Bring Threat Intelligence from Kaspersky using TAXII data connector

RijutaKapoor on Aug 02 2022 08:12 AM
Bring Threat Intelligence from Kaspersky using TAXII data connector
4,808

Protect critical information within SAP systems against cyberattacks

YoavDaniely on Aug 02 2022 05:40 AM
SAP systems and applications handle massive volumes of business-critical data that is hosted on cloud or on-premises inf...
12.1K

New Threat Intelligence features in Microsoft Sentinel

RijutaKapoor on Aug 02 2022 05:40 AM
New Threat Intelligence features in Microsoft Sentinel
3,862

Intro to KQL Workbook - Summer Update

Matt_Lowe on Aug 01 2022 04:21 PM
Keep cool with KQL. The Intro to KQL Summer Update introduces 15 more KQL operators, complete with exercises and example...
7,634

Discover the power of UEBA anomalies in Microsoft Sentinel

Idan_Bellayev on Jul 27 2022 11:57 PM
Our mission in Microsoft Sentinel UEBA is to detect insider and unknown threats – so we surface those suspicious activit...
9,747

Microsoft Sentinel Solution for Dynamics 365 News – New OOB analytics rules templates available now!

yohasson on Jul 14 2022 07:00 AM
Late last year Microsoft Sentinel released a solution for Dynamics 365 threat monitoring, detection, and incident respon...
20.9K

Microsoft Sentinel Automation Tips & Tricks – Part 3: Send email notification options

BenjiSec on Jul 13 2022 01:57 AM
Microsoft Sentinel Automation Tips & Tricks – Part 3 will cover different options to send an email notification from Mic...
3,721

What's New in Notebooks - MSTICPy v2.0.0

ianhelle on Jul 11 2022 09:45 AM
MSTICPy V2 has new and improved visualizations, easier initialization and simplified interface and big additions and imp...
4,877

Deploying Microsoft Sentinel Threat Monitoring for SAP agent into an AKS/Kubernetes cluster

AndrewLomakin on Jul 05 2022 12:00 PM
Step by step walkthrough on how to deploy the Deploying Microsoft Sentinel Threat Monitoring for SAP agent into an AKS/K...
4,491

What’s new: Centrally manage automated response to alerts with automation rules

liortamir on Jul 04 2022 07:48 AM
Centrally manage automated response to alerts with automation rules.
13.9K

Become a Microsoft Sentinel Automation Ninja!

BenjiSec on Jul 01 2022 06:37 AM
The number of security incidents and information related to them are rising daily. Traditional tools and methods aren’t ...
10.5K

Import Anomali ThreatStream Feed into Microsoft Sentinel

RijutaKapoor on Jun 29 2022 09:54 AM
Bring threat intelligence from Anomali ThreatStream into Microsoft Sentinel using TAXII Data Connector

Latest Comments

tienj
in Create Tasks Repository in Microsoft Sentinel on Jun 16 2024 10:34 PM
Hi, The tasks created in the Sentinel alert seems to be duplicating. The tasks defined in watchlist gets created twice in the Sentinel alert. Any ideas?
0 Likes
justin2080
in Examining the Deception infrastructure in place behind code.microsoft.com on Jun 13 2024 01:56 AM
The most important part of this story was left out. How does the largest corporation in the world allow a sub domain to be created under their main domain? This implies they had access to DNS or Azure somehow allows any customer to create a sub domain under microsoft.com.
0 Likes
Internetguy441
in Debugging Playbooks on Jun 12 2024 09:18 AM
Thanks for the runthrough! :) always usefull.I have to add, for me who is learning to create some basic playbooks - it would be superhelpfull if it was possible to chose some modules (like the "microsoft incident" and be able to trigger it from the builder (ie: press "run/play-button") just to see r...
0 Likes
dontneedausername
in Examining the Deception infrastructure in place behind code.microsoft.com on Jun 12 2024 08:31 AM
@robeving wrote:Provision a cloud Azure resource with the same name and now visiting blog.somedomain.com will redirect to the attacker’s resource. Here they control the content. [...] This happened in 2021 when the domain was temporarily used to host a malware C2 service.I've seen plenty of phishing...
1 Likes
TokeSR
in Split Microsoft Sentinel Tables with Multi-Destination Data Collection Rules on Jun 11 2024 10:09 AM
@Ciyaresh91 It is possible, but these streams are not chained. So instead of creating one with a 'Drop' destination you can just tell not to include that data set in your table, like this:So everything else will be forwarded but the data you want to filter out. { "streams": [ "Microsoft-Microsoft-Wi...
0 Likes