Microsoft Sentinel
Jon Bonso
2023-03-10T01:45:08+00:00

Microsoft Sentinel Cheat Sheet

A cloud-native SIEM and SOAR solution.
It offers a bird's-eye view across your enterprise.
Sentinel is an intelligent security analytics and threat intelligence service that provides alert detection, threat visibility, proactive hunting, and threat response.
Data connection methods in Sentinel: Service to service integration, External solutions via API, and External solutions via an agent.
Microsoft Sentinel roles: Reader, Responder, and Contributor.

Threat Management

Sentinel provides the following features: Collect, Detect, Investigate, and Respond.
Quickly gain insights across your data with Azure Sentinel Workbooks.
Investigate and resolve possible threats with incidents (groups of related alerts).
You can [...]