May 02 2022 12:43 AM
Since we have an option in Defender for Cloud to add AWS environment. If we added those AWS accounts and In Sentinel if we have enabled the Microsoft Defender for Cloud data connector, is that will collect all the required logs from AWS?
Or did we need to enable "Amazon Web Services S3 (Preview)" connector as well which includes the data types AWS Cloud Trail , VPC Flow Logs & AWS Guard Duty?
May 02 2022 03:15 AM
May 03 2022 09:02 PM
May 04 2022 04:43 AM
Solution@santhoshmohd Yes... Now imagine that you want to activate the protection of these resources as well (AWS) ... Then you will have the EDR module and it will start reporting randsoware incidents as well in secitiy center (defender for Cloud) So you could see this incident too in Sentinel
May 04 2022 04:43 AM
Solution@santhoshmohd Yes... Now imagine that you want to activate the protection of these resources as well (AWS) ... Then you will have the EDR module and it will start reporting randsoware incidents as well in secitiy center (defender for Cloud) So you could see this incident too in Sentinel