Getting started with the Microsoft Unified Security Operations Platform

  • Published on 21 Jul 2024
  • Explore Microsoft's Unified Security Operations platform, the all-in-one cybersecurity solution designed to streamline threat management. This platform integrates SIEM, XDR, AI, and more into a single toolkit, offering a unified view for monitoring digital threats and simplifying SOC operations. With advanced AI for rapid threat detection and automatic disruption, it equips security teams with the tools to proactively manage risks and respond to incidents efficiently. This video guides you through getting started, showcasing how to enhance your security posture and streamline your SOC workflow effortlessly.
    Read the announcement here: www.microsoft.com/en-us/secur...
  • Science & Technology

Comments • 5

  • @B4sicUser 3 months ago

    Greetings and thank you for all your great content. I've really been looking forward to the unification of Defender Portal and Sentinel, but once connected I felt there is a lot missing still. Playbooks, for example. We use those extensively to enrich our entities in Sentinel Incidents, but I have yet to find a way to do that in the Defender Portal.

  • @polonia66 3 months ago

    Thanks for the video. Logs in the advanced threat hunting option in Defender are limited to 30 days? Or Microsoft extended as new tables from Sentinel appear?

  • @marcschmitz7712 3 months ago

    How does this work when you use Lighthouse to "see" multiple tenants?

    • @jeroenniesen6181 3 months ago +1

      Hi! The workspace is still usable from within the Azure Portal. The unified security operations platform only supports a single workspace today.
      In case you also need to manage Defender for Endpoint in a multi-tenant scenario, I would suggest having a look at M365 Lighthouse.

  • @CatSmiling 3 months ago

    first