investigation (97 topics)

Microsoft Sentinel API 101
Our Sentinel Management API just went GA! In this blog post we give you the 101 on the different APIs you can use to interact with Microsoft Sentinel. We'll look at how you can use them, when you should use them, what tools you can use to interact with them, and how to authenticate to them.

What’s New: Azure Sentinel Threat Hunting Enhancements
We are delighted to introduce a set of enhancements that improve the analyst experience with Azure Sentinel’s hunting capabilities by tying them together more tightly, and by providing documentation and training on how to make the most of these existing capabilities.

Using Azure Lighthouse and Azure Sentinel to Investigate Attacks Across Multiple Tenants
Azure Lighthouse provides cross-tenant management of Azure services for Managed Service Providers (MSPs) and organizations with multiple Azure tenants, all from a single Azure portal. Azure Lighthouse is integrated with Azure Sentinel, allowing organizations to manage Azure Sentinel workspaces across multiple tenants. In this blog we show you how to configure Azure Lighthouse and how to use its capabilities to investigate an attack as it targets several customers at once.
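The cross-tenant investigation the Lighthouse post describes comes down to one query run from the MSP's own tenant against every delegated customer workspace. The KQL below is an added example, not code from the post: it pivots on a single suspect IP across three customer workspaces in one query. The workspace names (customerA-law, customerB-law, customerC-law) and the IP 203.0.113.42 are assumed values for illustration.

```kql
// Added example (not from the blog post): hunt one attacker IP across several
// customers' Sentinel workspaces through an Azure Lighthouse delegation.
// Workspace names and the IP address are assumptions chosen for illustration.
let suspectIp = "203.0.113.42";   // IP taken from the initial alert (example value)
let lookback = 7d;
// isfuzzy=true keeps the union running if one workspace lacks the SigninLogs table
union isfuzzy=true
    (workspace("customerA-law").SigninLogs | extend Tenant = "customerA"),
    (workspace("customerB-law").SigninLogs | extend Tenant = "customerB"),
    (workspace("customerC-law").SigninLogs | extend Tenant = "customerC")
| where TimeGenerated > ago(lookback)
| where IPAddress == suspectIp
| summarize
    Attempts       = count(),
    Failures       = countif(ResultType != "0"),   // ResultType "0" is a successful sign-in
    Successes      = countif(ResultType == "0"),
    TargetAccounts = make_set(UserPrincipalName, 50),
    FirstSeen      = min(TimeGenerated),
    LastSeen       = max(TimeGenerated)
  by Tenant
| order by Successes desc, Attempts desc
```

Two caveats a practitioner will hit: the identity running the query needs at least Log Analytics Reader on each delegated workspace (that is what the Lighthouse delegation grants), and `workspace()` resolves a bare name only when it is unambiguous among the subscriptions you can see, so the full workspace resource ID is the safer form in production queries. Cross-workspace queries also cap the number of workspaces per query, so very large MSP estates need to batch.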
Monitoring Windows Virtual Desktop environments (Fall 2019 release) with Microsoft Sentinel
In order to enable remote work, some organizations have had to make rapid and sweeping changes to their endpoints. Windows Virtual Desktop (WVD) has enabled our customers to quickly provision Windows 10 virtual desktops so that people who have traditionally not been remote workers can access a virtualized work desktop from home. These new endpoints also need to be monitored to maintain an organization’s security posture, so in this blog we explore how you can use Microsoft Sentinel to monitor your WVD environment.

Security Investigation with Azure Sentinel and Jupyter Notebooks – Part 1
This is the first of a three-part series about using Jupyter notebooks in Azure Sentinel to trace the path of a security breach through an organization’s network. It is accompanied by the notebook and Python code.

What’s new: Incident tasks
SOC analysts can follow checklists to handle incident triage, investigation, and response without worrying about missing a critical step; SOC managers and MSSPs can document, update, and align incident response standards across analyst teams and shifts.