New Blog Post | Microsoft Sentinel this Week - Issue #61

%3CLINGO-SUB%20id%3D%22lingo-sub-3372300%22%20slang%3D%22en-US%22%3ENew%20Blog%20Post%20%7C%20Microsoft%20Sentinel%20this%20Week%20-%20Issue%20%2361%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3372300%22%20slang%3D%22en-US%22%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22AshleyMartin_0-1652462511674.png%22%20style%3D%22width%3A%20610px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F371512i3C7A77C41DE87C50%2Fimage-dimensions%2F610x273%3Fv%3Dv2%22%20width%3D%22610%22%20height%3D%22273%22%20role%3D%22button%22%20title%3D%22AshleyMartin_0-1652462511674.png%22%20alt%3D%22AshleyMartin_0-1652462511674.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.getrevue.co%2Fprofile%2FAzureSentinelToday%2Fissues%2Fmicrosoft-sentinel-this-week-issue-61-1167347%3FWT.mc_id%3Dmodinfra-66200-rotrent%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3EMicrosoft%20Sentinel%20this%20Week%20-%20Issue%20%2361%20%7C%20Revue%20(getrevue.co)%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CDIV%20class%3D%22revue-p%22%3EHi%2C%20all!%20It%E2%80%99s%20Friday%20and%20you%20know%20what%20that%20means%3A%20It%E2%80%99s%20time%20for%20our%20weekly%20get%20together.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EI%20hope%20you%20had%20a%20great%20week.%20I%E2%80%99ve%20spent%20the%20last%20few%20days%20digging%20out%20from%20being%20away%20last%20week%20speaking%20at%20a%20conference.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EIt%20seems%20that%20it%20does%20not%20matter%20how%20attentive%20you%20are%20to%20normal%20work%20life%20while%20away%20at%20a%20conference%2C%20there%E2%80%99s%20still%20plenty%20to%20do%20catch%20up%20on%20when%20you%20return.%20So%2C%20most%20of%20my%20week%20was%20a%20frantic%20mess.%20But%20after%20a%20lot%20of%20hard%20work%2C%20I%20do%20finally%20feel%20like%20I%E2%80%99m%20back%20into%20a%20good%20place.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%0A%3CDIV%20class%3D%22revue-p%22%3EHi%2C%20all!%20It%E2%80%99s%20Friday%20and%20you%20know%20what%20that%20means%3A%20It%E2%80%99s%20time%20for%20our%20weekly%20get%20together.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EI%20hope%20you%20had%20a%20great%20week.%20I%E2%80%99ve%20spent%20the%20last%20few%20days%20digging%20out%20from%20being%20away%20last%20week%20speaking%20at%20a%20conference.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EIt%20seems%20that%20it%20does%20not%20matter%20how%20attentive%20you%20are%20to%20normal%20work%20life%20while%20away%20at%20a%20conference%2C%20there%E2%80%99s%20still%20plenty%20to%20do%20catch%20up%20on%20when%20you%20return.%20So%2C%20most%20of%20my%20week%20was%20a%20frantic%20mess.%20But%20after%20a%20lot%20of%20hard%20work%2C%20I%20do%20finally%20feel%20like%20I%E2%80%99m%20back%20into%20a%20good%20place.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%0A%3CDIV%20class%3D%22revue-p%22%3EThe%20agenda%3A%3C%2FDIV%3E%0A%3CUL%20class%3D%22revue-ul%22%3E%0A%3CLI%3E2%3A00%20PM%20%E2%80%93%203%3A25%20PM%3CSTRONG%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E-%20Keynote%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3C%2FSTRONG%3E%E2%80%9CWhat%E2%80%99s%20next%20in%20Security%E2%80%9D%3C%2FLI%3E%0A%3CLI%3E3%3A25%20PM%20%E2%80%93%204%3A10%20PM%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CSTRONG%3E-%20Innovation%20Break%3C%2FSTRONG%3E%3C%2FLI%3E%0A%3CLI%3E4%3A10%20PM%20%E2%80%93%205%3A55%20PM%3CSTRONG%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E-%20Breakout%20session%20and%20immersive%20experiences%3A%3C%2FSTRONG%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Eon%20topics%20including%20Zero%20Trust%2C%20Multi-cloud%20Security%2C%20Identity%20and%20Threat%20Intelligence%2F%20Hands-on%20Microsoft%20Immersion%20Experience%3A%20Secure%20Hybrid%20Cloud.%26nbsp%3B%3C%2FLI%3E%0A%3CLI%3E6%3A00%20PM%20%E2%80%93%209%3A00%20PM%3CSTRONG%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E-%20Evening%20Reception%3C%2FSTRONG%3E%3C%2FLI%3E%0A%3C%2FUL%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%E2%80%A6%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%3CSTRONG%3EDefender%20365%20to%20Sentinel%20Data%20Columns%3C%2FSTRONG%3E%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EI%E2%80%99ve%20seen%20and%20heard%20from%20our%20customers%20over%20the%20past%20many%20months%20looking%20for%20specific%20data%20columns%20that%20exist%20in%20365%20Defender%20but%20do%20not%20in%20the%20Sentinel%20tables.%20With%20all%20new%20tables%20now%20being%20available%20(%3CA%20href%3D%22https%3A%2F%2Fcda.ms%2F4gp%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fcda.ms%2F4gp%3C%2FA%3E)%20you%20or%20your%20customers%20may%20find%20even%20more%20data%20columns%20they%20believe%20are%20missing.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EI%20have%20a%20call%20coming%20up%20to%20discuss%20this.%20If%20you%E2%80%99d%20like%20to%20have%20those%20missing%20data%20columns%20reviewed%2C%20fill%20out%20the%20form%20below.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%3CA%20href%3D%22https%3A%2F%2Fcda.ms%2F4gr%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fcda.ms%2F4gr%3C%2FA%3E%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%E2%80%A6%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%0A%3CDIV%20class%3D%22revue-p%22%3EI%20mentioned%20in%20last%20week%E2%80%99s%20newsletter%20about%20the%20%E2%80%9C%3CSTRONG%3EMy%20SOC%20Doesn%E2%80%99t%20SUC%3C%2FSTRONG%3E%E2%80%9D%20T-shirt%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fcda.ms%2F4dB%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fcda.ms%2F4dB%3C%2FA%3E%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EThis%20is%20going%20gangbusters.%20We%E2%80%99re%20generating%20a%20LOT%20of%20new%20donations%20to%20go%20St.%20Jude.%20So%2C%20thanks%20to%20everyone%20for%20participating!%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EFor%20those%20that%20were%20asking%2C%20there%E2%80%99s%20now%20also%20a%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CSTRONG%3Ehoodie%20version%3C%2FSTRONG%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Eof%20this%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fcda.ms%2F4gs%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fcda.ms%2F4gs%3C%2FA%3E%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EI%20ordered%20both%20for%20myself%20and%20wore%20the%20T-shirt%20version%20on%20Wednesday%E2%80%99s%20nights%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fcda.ms%2F4gt%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3EMicrosoft%20Security%20Insights%20live%20show%3C%2FA%3E.%20I%E2%80%99ll%20try%20to%20wear%20the%20hoodie%20version%20next%20week.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EThis%20week%E2%80%99s%20Microsoft%20Security%20Insights%20show%20was%20a%20hoot%20(as%20always)%2C%20btw.%20Plus%2C%20we%20had%20the%20Microsoft%20techcommunity%20PMs%2C%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fwww.linkedin.com%2Fin%2FACoAAACp4kkBduKw9hMd-QjuW5wR-7qiw9sWs64%3Flipi%3Durn%253Ali%253Apage%253Ad_flagship3_detail_base%253BRqOoT2HGREmPha44ExG0mw%253D%253D%26amp%3Butm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3EValon%20Kolica%3C%2FA%3E%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3Eand%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fwww.linkedin.com%2Fin%2FACoAAACpRIoBjIuPKd_g6G9gAiosbMji1vSOhL8%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3ERyan%20Heffernan%3C%2FA%3E%2C%20on%20to%20talk%20about%20the%20Microsoft%20security%20community.%20That%20was%20an%20awesome%20discussion.%20You%20can%20catch%20the%20replay%20here%3A%3CSPAN%3E%26nbsp%3B%3C%2FSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fcda.ms%2F4gv%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fcda.ms%2F4gv%3C%2FA%3E%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%E2%80%A6%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3ELastly%2C%20I%E2%80%99m%20super%20happy%20to%20see%20some%20of%20the%20first%20Spanish%20language%20community%20resources%20for%20Microsoft%20Sentinel%2C%20SC-200%2C%20and%20KQL!%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%3CA%20href%3D%22https%3A%2F%2Fyoutu.be%2FldgzpQJk-10%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fyoutu.be%2FldgzpQJk-10%3C%2FA%3E%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%3CA%20href%3D%22https%3A%2F%2Fyoutu.be%2FdBAh9iGJJks%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fyoutu.be%2FdBAh9iGJJks%3C%2FA%3E%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%3CA%20href%3D%22https%3A%2F%2Fyoutu.be%2FpemKR52Wl-g%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3Ehttps%3A%2F%2Fyoutu.be%2FpemKR52Wl-g%3C%2FA%3E%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EWe%20need%20more%20of%20this!%20And%2C%20not%20just%20in%20Spanish.%20If%20you%20are%20delivering%20local%20language%20security%20content%2C%20let%20me%20know.%20I%E2%80%99d%20love%20to%20work%20together%20to%20amplify%20it.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%E2%80%A6%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3EThat%E2%80%99s%20it%20for%20me%20for%20this%20week.%20I%E2%80%99m%20sure%20we%E2%80%99ll%20have%20plenty%20to%20talk%20about%20in%20the%20next%20newsletter%20edition.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3ETalk%20soon.%3C%2FDIV%3E%0A%3CDIV%20class%3D%22revue-p%22%3E-%3CA%20href%3D%22https%3A%2F%2Ftwitter.com%2Frodtrent%3Futm_campaign%3DMicrosoft%2520Sentinel%2520this%2520Week%26amp%3Butm_medium%3Demail%26amp%3Butm_source%3DRevue%2520newsletter%22%20target%3D%22_blank%22%20rel%3D%22noopener%20nofollow%20noreferrer%22%3ERod%3C%2FA%3E%3C%2FDIV%3E%0A%3C%2FDIV%3E%0A%3C%2FDIV%3E%0A%3C%2FDIV%3E%0A%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3372300%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3ECloud%20Security%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EMicrosoft%20Sentinel%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Microsoft

AshleyMartin_0-1652462511674.png

Microsoft Sentinel this Week - Issue #61 | Revue (getrevue.co)

 

Hi, all! It’s Friday and you know what that means: It’s time for our weekly get together.
I hope you had a great week. I’ve spent the last few days digging out from being away last week speaking at a conference.
 
It seems that it does not matter how attentive you are to normal work life while away at a conference, there’s still plenty to do catch up on when you return. So, most of my week was a frantic mess. But after a lot of hard work, I do finally feel like I’m back into a good place.
 
Hi, all! It’s Friday and you know what that means: It’s time for our weekly get together.
I hope you had a great week. I’ve spent the last few days digging out from being away last week speaking at a conference.
 
It seems that it does not matter how attentive you are to normal work life while away at a conference, there’s still plenty to do catch up on when you return. So, most of my week was a frantic mess. But after a lot of hard work, I do finally feel like I’m back into a good place.
 
The agenda:
  • 2:00 PM – 3:25 PM - Keynote “What’s next in Security”
  • 3:25 PM – 4:10 PM - Innovation Break
  • 4:10 PM – 5:55 PM - Breakout session and immersive experiences: on topics including Zero Trust, Multi-cloud Security, Identity and Threat Intelligence/ Hands-on Microsoft Immersion Experience: Secure Hybrid Cloud. 
  • 6:00 PM – 9:00 PM - Evening Reception
 
Defender 365 to Sentinel Data Columns
I’ve seen and heard from our customers over the past many months looking for specific data columns that exist in 365 Defender but do not in the Sentinel tables. With all new tables now being available (https://cda.ms/4gp) you or your customers may find even more data columns they believe are missing.
 
I have a call coming up to discuss this. If you’d like to have those missing data columns reviewed, fill out the form below.
 
I mentioned in last week’s newsletter about the “My SOC Doesn’t SUC” T-shirt: https://cda.ms/4dB
This is going gangbusters. We’re generating a LOT of new donations to go St. Jude. So, thanks to everyone for participating!
 
For those that were asking, there’s now also a hoodie version of this: https://cda.ms/4gs
I ordered both for myself and wore the T-shirt version on Wednesday’s nights Microsoft Security Insights live show. I’ll try to wear the hoodie version next week.
This week’s Microsoft Security Insights show was a hoot (as always), btw. Plus, we had the Microsoft techcommunity PMs, Valon Kolica and Ryan Heffernan, on to talk about the Microsoft security community. That was an awesome discussion. You can catch the replay here: https://cda.ms/4gv
 
Lastly, I’m super happy to see some of the first Spanish language community resources for Microsoft Sentinel, SC-200, and KQL! 
We need more of this! And, not just in Spanish. If you are delivering local language security content, let me know. I’d love to work together to amplify it.
 
That’s it for me for this week. I’m sure we’ll have plenty to talk about in the next newsletter edition.
 
Talk soon.
0 Replies