No video :(

Getting started with Microsoft Sentinel Tasks to Standardise Cyber Security Incident Response

Подписаться 4,6 тыс.

Просмотров 2,6 тыс.

50% 1

Join me in this informative video as I take you through the benefits of using Microsoft Sentinel Tasks for your cyber security operations. Learn how standardizing and formalizing your incident response process can improve your overall approach to cyber security. Discover how tasks can help you with incident triage, investigation, and response, without worrying about missing a critical step. Follow along as I share my expert insights on how to document, update, and align incident response standards across teams and shifts. Don't miss this opportunity to transform your cyber security strategy with Microsoft Sentinel Tasks.
#MicrosoftSentinel #Tasks #CyberSecurity #SecOps #IncidentResponse #Standardization #Efficiency

Опубликовано:

27 фев 2023

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 6

@janetwilcox5314 Год назад

Outstanding

@progod6017 Год назад

I had no idea virus total has a free API. Thanks for sharing!

@alexandervogtsanchez7522 7 месяцев назад

It's pretty much useless if you have a medium to high volume of IPs included in alerts/incidents. Rate limit is like 4 per minute. BTW sentinel now has enrichment widgets for IP addresses so no need to include a task for this. If you still want to use logic apps, use the HTTP connector rather than the built-in virus total one. This way you can check the status code of the call. If it returns 204 you can call another HTTP with a different api key. Somewhat ugly but could work to overcome rate limitations

@progod6017 7 месяцев назад

it is actually useless. true. @@alexandervogtsanchez7522

@jackobyte Год назад

Great video, just wondering.. adding the tasks (via the automation rule) shouldnt have an effect on costs? its only when they are logic apps? is that right?