Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Manage security alerts in Microsoft 365 security center(MTP), Sentinel or separately?

Copper Contributor

I am having some questions and would like to receive opinions that can contribute.

 

I have the solutions in my environment and I'm in doubt about how to centralize everything.

 

I have Azure Sentinel receiving the Defender Atp, MCASB, Azure ATp, Office 365 ATp logs, among others.

 

I also have MCAS integrated with Azure ATP.

 

The question is. Where should all technologies be centralized?

 

That is, if I use Microsoft 365 Security Center to centralize Defender ATP, Azure ATP, MCAS and Office ATP, does it still make sense to receive these logs in Sentinel?

 

Would it be possible to integrate alerts generated in Sentinel with Microsoft 365 Security Center?

 

If I receive the solution logs on Sentinel, what would be the meaning of Microsoft 365 Security Center? Can I work with both, centralizing the solutions in both?

 

I know that there may not be a final answer, but I would be happy to get your position.

 

Thank you.

1 Reply

@luizao_lf Similar questions. Did you make any headway