Это видео недоступно.
Сожалеем об этом.
Unleash the Power: Automatically Enrich Threat Indicators in Microsoft Sentinel
HTML-код
- Опубликовано: 25 июл 2023
- In this enlightening video tutorial, we delve deep into the workings of Microsoft #Defender #Threat #Intelligence (Defender TI), illustrating how this advanced tool can greatly enhance your organization's security posture. Defender TI plays a vital role in providing in-depth insights into threats, helping you establish a robust risk profile for your business and significantly speeding up your incident response process.
We take a practical approach in this tutorial, demonstrating how to leverage Logic Apps in synergy with Microsoft Sentinel. This combo is an absolute game-changer in threat management, as it automatically enriches indicators of compromise (IoCs) with a reputation score, giving you an edge in identifying and mitigating threats swiftly.
The video tutorial aims to equip you with the necessary knowledge to maximize the utility of Defender TI, empowering you to create a highly secure and resilient environment for your organization.
For more information about Microsoft Defender Threat Intelligence, visit the provided link: learn.microsof...
This tutorial is a must-watch for cybersecurity professionals, IT administrators, and anyone interested in ensuring the optimum security of their digital assets. Tune in to take a big step towards fortifying your cyber defenses!
Remember to subscribe to our channel for more insightful content on cybersecurity best practices and the latest industry updates. Enjoy the video!
I usually watch the videos on your channel in the morning and the coffee sections are so good that they make me make myself a coffee before continuing to watch the videos. With this, I feel that we are having coffee together and discussing the subject of the video.
sick alternative to using the free virustotal api.
huge shoutout to u for showing this around.
I mean this would be great, does it cost 4 k a month? lmao
@@progod6017 lol
Hi, I'm always trying to replicate in a lab all your videos, so that I can truly learn and understand, Thanks a lot for all your videos. Can you provide more details on the App Registration and on the "Parse JSON" action? I'm stuck in those two...
Do you have plans to share automation videos for blocking IOC's on PaloAlto, Fortinet, Other Firewalls etc. Loving your videos Thank you :)
Thanks for covering data enrichment for Sentinel, really beginning to make use of it. Do you have plans to cover the use of MIcrosoft's Sentinel Triage Assistant (MSTAT)? There is, I understand the connectors and modules which help with the initial triage looking at the history of the entities in the incident and risk scoring these, ultimately adjusting the severity of the incident based on this risk score.
For STAT, most don’t understand it, but fairly easy to set up in a lab or in a commercial environment. Huge advantage for a SOC team as it is basically an additional analyst.
Thanks for mentioning it! I will have a look into MSTAT and maybe create a video about it!
i think sentinel can automatically do this now...saw a video about auto integration with virus total
Hi there please can you share the video link or github link
Do you have linkedin sir? Lets connect
Sure! Just search on Jeroen Niesen and you will find my profile :-)