May 25 2021 10:12 AM - last edited on Nov 03 2021 03:52 AM by TechCommunityAP
Who Watches the SOC Team? Enabling Audit/Risk Teams to Monitor the SOC - Microsoft Tech Community
This blog discusses methods to monitor the actions of the SOC team from a risk and auditing standpoint. There is a need in the field to monitor the actions performed by SOC engineers in an environment. Currently, the Log Analytics workspace saves queries performed by users within the environment. The queries that an auditor or risk assessment user runs for reporting should not be visible to the SOC team and need to be masked or hidden. Log Analytics does not allow for that type of functionality.