Microsoft Sentinel Blog

Options
1,821
GBushey on Jun 12 2024 07:06 AM
2,200
VipulDabhi on May 23 2024 11:23 AM
1,881
jeffsc on May 13 2024 08:00 AM
7,529
MichalShechter on May 06 2024 09:07 AM
5,136
Israel_Aloni on May 06 2024 08:47 AM
3,076
Eric Burkholder on May 06 2024 06:00 AM
25.7K
robeving on Apr 26 2024 07:51 PM
3,411
Umesh_Nagdev on Apr 19 2024 07:55 AM
2,388
jeffsc on Apr 15 2024 11:17 AM
2,413
jeffsc on Apr 15 2024 11:17 AM
5,836
Preeti_Krishna on Mar 28 2024 02:56 PM
6,913
Matt_Lowe on Mar 14 2024 05:21 PM
4,652
Umesh_Nagdev on Feb 20 2024 07:04 AM
3,719
Josefa-Sepulveda on Feb 08 2024 07:58 AM
6,196
BenjiSec on Feb 06 2024 04:03 AM
6,131
PrateekTaneja on Feb 04 2024 10:22 PM
6,323
madesous on Jan 17 2024 05:27 AM
3,825
GBushey on Jan 16 2024 07:20 AM
4,440
VipulDabhi on Jan 08 2024 11:11 AM
7,139
timurengin on Jan 08 2024 11:10 AM
28.3K
Josefa-Sepulveda on Jan 02 2024 02:24 AM
53.2K
Arjun_Trivedi on Nov 29 2023 10:13 PM
10.7K
skochavi on Nov 27 2023 01:21 PM
9,261
ShaharAviv on Nov 20 2023 10:27 PM
7,184
Eric Burkholder on Nov 15 2023 02:26 PM
66.4K
Erez Einav on Nov 15 2023 08:00 AM
6,109
mahmoudmsft on Nov 08 2023 10:02 AM

Latest Comments

in Debugging Playbooks on Jun 20 2024 11:08 AM
@Internetguy441 For your first comment, while that would be very useful, it would be rather difficult to do considering how different each incident can be from each other. That is why I suggested creating a dummy Analytic Rule that will create an incident that contains exactly what you need for test...
0 Likes
@Matt Egen Wondering if you were able to add the steps mentioned under "further improvements" ? Would love to see the traditional WHOIS query part in the code
0 Likes
Hi, When I insert a hyperlink in the task list, like in the example you've provided - <a target='_blank' href=’https://www.microsoft.com/en-us/’>Microsoft Homepage</a>When the Watchlist task gets generated in the Sentinel alert, if we click on the hyperlink, it comes up with a 'Page not found', with...
0 Likes
The most important part of this story was left out. How does the largest corporation in the world allow a sub domain to be created under their main domain? This implies they had access to DNS or Azure somehow allows any customer to create a sub domain under microsoft.com.
0 Likes
in Debugging Playbooks on Jun 12 2024 09:18 AM
Thanks for the runthrough! :) always usefull.I have to add, for me who is learning to create some basic playbooks - it would be superhelpfull if it was possible to chose some modules (like the "microsoft incident" and be able to trigger it from the builder (ie: press "run/play-button") just to see r...
0 Likes