Microsoft Secure Tech Accelerator
Apr 13 2023, 07:00 AM - 12:00 PM (PDT)
Microsoft Tech Community

Best practices for managing use-case exceptions for an MSSP Sentinel environment


Good night people.

I work on managing Azure Sentinel for customers in an MSSP environment and have been encountering a dilemma in managing exceptions for use cases.


It's been my pain. :(


How do you create use case exceptions in a scalable way that doesn't need to go into each case's KQL code to insert an exception if you do?

0 Replies