Category Archives: Azure Sentinel

Microsoft Sentinel – Getting started with Automation Rules and Playbooks to help automate threat response

Azure, Azure Sentinel, Security, SOC December 1, 2022 Leave a comment

Microsoft Sentinel’s automation rules give you the ability to develop and organize rules that can be used in a variety of scenarios, allowing you to manage automation from a central location. A playbook is a compilation of various corrective actions that may be routinely executed from Microsoft Sentinel.

When triggered by specific alerts or incidents, as determined by an analytics rule or an automation rule, a playbook can help automate and orchestrate your threat response. It can be used manually or set to run automatically in response to specific alerts or incidents.

Take a look at this video on getting started with Automation Rules & Playbooks

Regards

Sathish Veerapandian

Azure Sentinel – Use of Microsoft Sentinel Analytics Rules & Data Connectors to detect potential threats

Azure, Azure Sentinel, Security, SOC November 25, 2022 Leave a comment

Enterprise-wide threat information and intelligent security analytics are provided by Microsoft Sentinel. A single solution for attack detection, threat visibility, proactive hunting, and threat response with Microsoft Sentinel.

Microsoft Sentinel Analytics provides an intelligent solution that you can use to detect potential threats and vulnerabilities in your organizations.
Microsoft Sentinel Analytics helps you detect, investigate, and remediate cybersecurity threats.

Additionally, Microsoft Sentinel includes built-in worksheet templates so that as soon as a data source is connected, you may instantly acquire insights from your data.

Take a look at this video !

Starting from scratch – Microsoft Sentinel as a SIEM & SOAR solution in your environment

Azure, Azure Sentinel, Security November 23, 2022 Leave a comment

It’s close to 4 yrs that Azure sentinel has been in the market and lot of organizations are utilizing them fully in their Secops Team and the SIEM cloud native tool have been doing a great job.

Many businesses use Office 365, and they are expanding their use of the sophisticated security and compliance tools offered by Microsoft 365. To fully comprehend an attack, you frequently need to mix security data from users and end point applications with data from your IT environment and third parties. If you could accomplish all of this while staying within a single cloud provider’s compliance guidelines, that would be perfect.

Take a look at this video on getting started with Microsoft Sentinel in your Environment.

Hope you enjoyed this video !!

%d bloggers like this: