How do you use URL Detonation for your investigation efforts?
Security operations center (SOC) analysts constantly face the challenge of determining where to focus. URL detonation in Microsoft Sentinel provides insights that can enable SOC analysts to triage alerts faster. For example, logs ingested by Microsoft Sentinel can contain URLs. For alerts that include a URL (e.g., a URL visited by a user from within the corporate network), that URL can be automatically detonated to gain added insight that can help accelerate the triage process.
We are looking to better understand how you utilize the URL detonation feature for your investigation efforts and how we can improve the capability.
Could you please help us by filling this short 5-Minute survey?