Azure Defender Alerts Workbook - Microsoft Tech Community
Azure Defender is an evolution of the threat-detection technologies in Security Center, protecting Azure, on-premises, and hybrid cloud environments. Security alerts are the notifications that Security Center generates when it detects threats on your resources. Security Center prioritizes and lists the alerts, along with the information you need to quickly investigate the problem. Security Center also provides detailed steps to help you remediate attacks. Alerts data is retained for 90 days. Here is the list of resource types that Azure Defender secures. Make sure to visit this article, which lists the security alerts you might get from Azure Security Center and any Azure Defender plans you’ve enabled.
Azure Security Center allows you to create custom workbooks across your data, and it also comes with built-in workbook templates that let you quickly gain insights across your data as soon as you connect a data source. For example, with the Secure Score Over Time report, you can track your organization’s security posture. Read more about how workbooks provide a rich set of functionality in our Azure Monitor documentation. To understand the workbooks gallery in Azure Security Center, make sure to review our documentation.
With this blog, we are introducing you to another great template that presents your active alerts in different pivots to help you understand the overall threats to your environment and prioritize among them.