Microsoft Entra Tech Accelerator
Jun 27 2023, 08:00 AM - 12:00 PM (PDT)
Microsoft Tech Community

New Blog Post | Understanding API connections for your Azure Sentinel Playbooks



API connections and permissions for Azure Sentinel Playbooks (

In addition to being a Security Information and Event Management (SIEM) tool, Azure Sentinel is a Security Orchestration, Automation, and Response (SOAR) platform. Automation takes a few different forms in Azure Sentinel, from automation rules that centrally manage the automation of incident handling and response, to playbooks that run predetermined sequences of actions to provide powerful and flexible advanced automation to your threat response tasks. In this blog we will be focusing on playbooks and understanding application programming interface (API) permissions, connections, and connectors in Azure Sentinel playbooks.

0 Replies