Welcome to the third entry of our blog series on automating Microsoft Sentinel. In this series, we’re showing you how to automate various aspects of Microsoft Sentinel, from simple automation of Se...

Introduction A huge thank you to MariaSousaValadas​ for contributing and reviewing this post In a SIEM you may need to upload data for correlation, such as high value assets, IP ranges from your ...

Microsoft Sentinel is moving to the Microsoft Defender portal to deliver a unified, AI-powered security operations experience. Many customers have already made the move. Learn how to plan your transi...

As organizations continue to scale their security operations, managing the volume and cost of data ingestion becomes increasingly critical. Microsoft Sentinel’s new Summary Rules Templates offer a st...

In the ever-evolving landscape of cybersecurity, both automation and infrastructure-as-code (IaC) have become indispensable. SIEM solutions, traditionally known for their complex configurations and m...

In March, Case Management went to GA status within the unified portal for customers. This introduced new functionality and experiences such as: A new case queue Custom statuses New Case task ...

Microsoft Sentinel’s Codeless Connector Framework or ‘CCF’ (formerly called Codeless Connector Platform [CCP]) represents a paradigm shift in data ingestion, making it easier than ever for organisati...

Welcome to the second entry of our blog series on automating Microsoft Sentinel. In this series, we’re showing you how to automate various aspects of Microsoft Sentinel, from simple automation of S...

This post is part of an update series highlighting new SOC optimization capabilities designed to help SOC teams maximize security value with less manual effort. In this post, we focus on AI-powered M...