Join me for Part 2 of 3 where we review advanced customizations in Microsoft Sentinel. We review some of the steps to advance your threat hunting and better protect your environment.
Join me for Part 1 of 3 where we review Building a Stronger Foundation in Microsoft Sentinel. We review the steps to help review and build a stronger SIEM solution together.
In today’s article we will build on previous automation experiences to further develop your Microsoft Sentinel automation powers! Today we will look at remediating incidents and alerts automatically. We will explore auto-remediation using both playbooks and Sentinel Automation rules.
Today we take a detailed look at building our own Sentinel Playbooks and gathering information on an Incident automatically. Join me as we build automation to update Alerts with detailed IP lookup information as comments. With basic research done automatically, we can save a lot of time!