Jul 27 2021 10:16 AM - last edited on Nov 03 2021 03:58 AM by TechCommunityAP
Incident triage is a core component of security monitoring operations, and ensuring triage processes are efficient and effective is key to detecting security threats. Recent high-profile security incidents have shown that detecting threats is insufficient unless they are also triaged and investigated effectively. In this blog we detail how to deploy and use a solution that automatically executes Jupyter Notebooks to enrich incidents within Azure Sentinel. This process allows security analysts to triage incidents more quickly and effectively, and ensures that a consistent, quality approach is taken.