New Blog Post | Reading About Updated Microsoft Sentinel Content in a Microsoft Teams SOC Channel

Contributor

JasonCohen1994_0-1658860440739.png

Reading About Updated Microsoft Sentinel Content in a Microsoft Teams SOC Channel - Azure Cloud & AI...

 

Microsoft Sentinel is updated constantly, and many customers would like better ways to know when things are updated and when new things are on the cusp of releasing and then when they are available. For the longest time, I have simply monitored the RSS feed for the official Microsoft Sentinel GitHub repository – which is where all updates come from after they have been vetted and approved. You can monitor this, too.

 

The RSS feed: https://github.com/Azure/Azure-Sentinel/commits/master.atom

 

It takes some effort to sift through all the updates, but it’s worth it.

 

But wouldn’t it be cool to deliver just the updates to a centralized location for your entire SOC team? Here is another way to utilize this feed.

 

Recently, I started pushing just the original feed item link, the update date, and the updated item information to my SOC’s Microsoft Teams channel, called Microsoft Sentinel GitHub Feed. See the image just below for an example that tells me that there’s work been done on ASIM and then there’s a Cisco Playbook that has had content updated along with its deployment. Pretty useful stuff.

 

Author: Rod Trent

0 Replies