security center
4 Topics

Remove a device from Microsoft account
Hello, when I access microsoft.com and click on my Microsoft account, a screen like the picture below is displayed. In the Devices part, it showed my laptop info though I removed this device several times using this link: https://support.microsoft.com/en-us/windows/remove-a-device-from-your-microsoft-account-dda2c664-9d57-e5db-acf0-67f14d5fdf3c. I hope this issue can be fixed. Thank you.
2.4K Views, 1 like, 2 Comments

Integrating Azure Security Center with Azure Sentinel
Before explaining how Azure Security Center integrates with Azure Sentinel, it is very important to understand the use case of each of those solutions. Knowing how to position them will help you understand the key problems that each solution addresses and how this applies to your own scenario.

Azure Security Center can be categorized as a Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP). These platforms are composed of an aggregation of different capabilities, as shown in the diagram below:

Security Center has several features that can be mapped to those capabilities, and you can find the entire list in this article. The diagram above also shows that Security Center has CSPM and CWPP capabilities for IaaS, PaaS and hybrid workloads.

Note: for more information about the importance of CSPM and CWPP to manage visibility and control of your cloud workloads, read this article that I wrote for the ISSA Journal.

Azure Sentinel, on the other hand, is a cloud-native Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) tool. Azure Sentinel's role is to ingest data from different data sources and perform data correlation across these data sources. On top of that, Azure Sentinel leverages intelligent security analytics and threat intelligence to help with alert detection, threat visibility, proactive hunting, and threat response. The diagram below shows how Azure Sentinel is positioned across different data sources:

Integrating Security Center with Azure Sentinel

When you configure this integration, the Security Alerts generated by Security Center will be streamed to Azure Sentinel. Configuring this integration takes only a few steps, which you can follow by reading this article. Once the integration is configured, the alerts generated by Security Center will start appearing in Azure Sentinel.
End-to-end visibility

One advantage of using Azure Sentinel as your SIEM is the capability to correlate data across data sources, which gives you end-to-end visibility of security-related events, as shown in the diagram below:

In this example, Azure Sentinel created a case based on correlation of data coming from different Microsoft products.
24K Views, 7 likes, 3 Comments

Run a Windows Defender scan in Windows 10 using PowerShell
Folks, Windows 10 by default doesn't have periodic scanning enabled; to enable that I have to toggle the switch, then I am able to scan. I am looking for a PowerShell command that can flip this on and another command to get scan results once the scan is finished.
3.5K Views, 0 likes, 1 Comment

Azure Security Center Delegation
Hi, is there any way to delegate Azure Security Center with Lighthouse? I would like to have the delegation implemented with Sentinel for MSPs, where the service provider can contribute to the customer's workspace. Also, is it possible to have access to the customer's Log Analytics workspace? (Run queries) Thanks
645 Views, 0 likes, 0 Comments