User Profile
tal_rosler
Joined 7 years ago
Recent Discussions
Re: Burst of multiple reconnaissance commands could indicate initial activity after compromise
Hi ujjawalm, Those alerts are the result of a known temporal error in our system that caused Azure Security Center to trigger alerts that shouldn't be triggered. The issue was mitigated successfully - you shouldn't get such alerts anymore. I am very sorry for the inconvenience it caused - please feel free to ignore those alerts. Thanks, Tal Rosler, Product Manager, Azure Security Center.
Re: Analysis of host data detected a large number of system log files being removed
Hi ujjawalm, Those alerts are the result of a known temporal error in our system that caused Azure Security Center to trigger alerts that shouldn't be triggered. The issue was mitigated successfully - you shouldn't get such alerts anymore. I am very sorry for the inconvenience it caused - please feel free to ignore those alerts. Thanks, Tal Rosler, Product Manager, Azure Security Center.
Re: How to filter security events only from Event Hub and send to SIEM
Hi palchak, Your customer can use the Microsoft Graph connector for QRadar to send Azure Security Center data more easily to QRadar. Please read more details here: https://techcommunity.microsoft.com/t5/azure-security-center/accessing-azure-security-center-alerts-in-splunk-using-graph/ba-p/938228 Thanks, Tal Rosler, Azure Security Center.
Welcome to the Azure Security Center community forum
Welcome to the Azure Security Center community forum! Join us to share questions, thoughts, and ideas about Azure Security Center and receive answers from the diverse Security Center community. Our community is here to assist you with any questions or challenges you may have. This forum is part of the Security Center community platforms, including the GitHub repository for sharing code, and a blog for keeping up-to-date with news and how-to guides. Get involved in any of the following community platforms: Azure Security Center GitHub repository, Azure Security Center Blog, Features Suggestions. To learn more about Azure Security Center, see the: Product description and introduction, Security Center documentation. Feel free to post any questions, comments, or requests here. Best regards, Azure Security Center team
Recent Blog Articles
Defender CSPM enhances risk prioritization, remediation, and compliance for multicloud environments
New innovations in Defender CSPM reinforce our commitment to empowering security teams to better prioritize business-critical risks, accelerate multicloud compliance, and streamline risk remediation....
Suppression rules for Azure Security Center alerts are now available in public preview
Suppression rules giving the ability to fine-tune Azure Security Center alerts by your organizations' specific needs and conditions, letting you suppress alerts that are triggered by known normal act...