Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

New Blog Post | Microsoft Sentinel Automation Tips & Tricks – Part 2: Playbooks

Microsoft

Antonio_Alejandro_0-1657139689651.png

Microsoft Sentinel Automation Tips & Tricks – Part 2: Playbooks - Microsoft Tech Community

 

This blog is part of a multi-series

Part 1: Automation rules

Part 2: Playbooks – this blog

Part 3: Dynamic content and expressions – coming soon

Part 4: Send email notification options – coming soon

 

Playbooks

A playbook is a collection of response and remediation actions and logic that can be run from Microsoft Sentinel as a routine. A playbook can help automate and orchestrate your threat response, integrate with other internal and external systems, and be set to run automatically in response to specific alerts or incidents triggered by an analytics rule or an automation rule. It can also be run on-demand manually from the incidents page in response to alerts.

 

0 Replies