Microsoft Azure Sentinel and Security Incident Response
- Published on 12 Sep 2024
- In this video I show the security incident ingestion in ServiceNow's Security Incident Response application with Microsoft Azure Sentinel. While I don't show the complete configuration of the integration, I do review the integration profile settings that control field mappings, the integration behavior and the scheduling. #servicenow #microsoft #azuresentinel #sentinel #securitincidentresponse #siem #security
How are observables mapped? If the kind of entity is host, it should create an observable with observable type as host; if it's 'IP Address', the observable type should be set up as IP Address, and so on.
Can we do unidirectional using the ServiceNow store, so that when an incident is created in Snow, it should create an incident in Sentinel? Is this direction possible using a Snow store?