Wednesday, September 8, 2021

Azure Sentinel - Most common use cases deployment

Ready to go. Just import them and configure any additional permissions needed. Take advantage of Azure Sentinel right now.

Disable Users from OnPrem Active Directory:

Block Azure AD Users:

Integrate Azure Sentinel alerts with Service Now:

Add Comments (Guidelines) on Incidents:

Confirm Risks for Azure Active Directory Users:

Collect Threat Vulnerability Management report from compromised Machine:

Collect all details (Machine Vulnerabilities, Missing KBs, Security Recommendations, Alerts, Software Inventory) from a compromised Machine and send them via Teams:

Send scheduled report focused on Cost Management:

Start Packet Capture from a compromised Machine:

Send scheduled report focused on Connector Health:

Restrict App Execution in a compromised Machine:
