Transforming Threat Intelligence: Microsoft’s Latest Enhancements and the Road Ahead

As cyber threats grow increasingly sophisticated, Microsoft’s ongoing investment in advanced Threat Intelligence (TI) capabilities helps ensure that organizations can stay a step ahead. The recently announced updates are a game-changer for cybersecurity professionals, promising smarter, faster, and more proactive threat detection and response. Today we look at what the changes to TI are and how to update our existing resources in Sentinel to be ready!

Posted on 7:00 am

Azure Updates – Number 112 – April 19, 2025 – Easter Edition!

Hop aboard the Azure Express for a delightful springtime summary of Azure News, featuring updates released from Microsoft Azure related to Azure, Architecture, Compute, and Sentinel topics. Each update is linked to its original Microsoft Azure, Microsoft Sentinel, Copilot for Security, or other blog source—saving you time so you can enjoy the Easter festivities instead of digging around for recent releases and changes.

Posted on 9:00 am

Automated Triage in Microsoft Sentinel

In today’s post we will look at some different ways to automate incident triage in Microsoft Sentinel. Organizations face an ever-increasing volume of security threats. Cyberattacks are becoming more sophisticated, and the sheer number of alerts can overwhelm even the most seasoned security teams. Automated triage in Microsoft Sentinel emerges as a crucial solution, empowering organizations to respond swiftly and efficiently to potential threats. This is where Microsoft Sentinel’s automated triage capabilities are…

Posted on 8:00 am

Onboard a Single Subscription with Microsoft Defender for Cloud

In today’s post we will look at a targeted way to harness the full potential of your Azure security by integrating Microsoft Defender for Cloud with Microsoft Sentinel. This powerful combination allows for advanced threat detection, seamless monitoring, and a unified view of your security posture. We want to be thoughtful when selecting our Sentinel data connectors. The Microsoft Defender XDR data connector is the modern connector version that we should all use in most cases, but the legacy connector is useful when we have only specific subscriptions that we want to bring into Sentinel. The older, legacy connector requires the manual selection of the subscriptions to include in the data ingestion; it is the perfect solution if you have a tenant where you want only 2 of the many subscriptions provisioned.

Posted on 7:15 am