Microsoft Sentinel this Week - Issue #73

By Rod Trent • Issue #73
Happy Friday!
We’re speeding into a weekend that I hope will be a good one for you. I hope it is something you’re looking forward to and something you will be able to look back on fondly.
This Sunday I’m off the mothership for meetings and good fun - but most importantly I’ll be speaking at TechMentor. TechMentor is geared toward the IT Professional and will be held at the on-campus Microsoft conference center. I’ll be bringing my own flavor of technical entertainment in a couple sessions:
If you miss this particular event, there’s another one in Orlando, FL in November that I’ll also be speaking at. Same topics but updated content to keep it fresh. I hope to see you there.
If you ARE attending don’t hesitate to connect with me to say hello, talk about security, or - heck - have your copy of your Must Learn KQL book signed. I’ll also have copies of the book on-hand to give away during my sessions.
I’ll be back in the office on Thursday so you can count on the newsletter still delivering on Friday as usual.
Here’s a safe, fun activity for you all this week. We’re looking for guidance on the future of automated capability for the Defender for IoT and Sentinel integration.
Microsoft Defender for IoT Sentinel IT/OT Unified SOC Survey
Defender for IoT’s built-in integration with Sentinel aims to bridge the IT and OT security gap so that SOC teams are able to resolve OT incidents more efficiently.
We would like to learn what capabilities and data can help SOCs manage and resolve OT incidents and, in particular, what automated response playbook templates might be helpful for your organization.
Link to survey: https://rodtrent.com/lma
Wish me luck next week! I love getting together with people at these in-person events.
Talk soon.
-Rod

Stuff to Read
Microsoft Sentinel Pricing and Monitoring
Deploy Threat Monitoring for SAP in Microsoft Sentinel | Microsoft Docs
Protect critical information within SAP systems against cyberattacks - Microsoft Tech Community
Bring Threat Intelligence from Kaspersky using TAXII data connector - Microsoft Tech Community
Get AWS IP Ranges From Sentinel
Stuff to Watch/Listen To
Microsoft Security Insights Podcast
Logic Apps Live - August 2022
Stuff to Attend
Stop Ransomware with Microsoft Security 2022
Stuff That's New or Updated
Microsoft Sentinel Solution for SAP – SAP Monitoring | Microsoft Azure
New Threat Intelligence features in Microsoft Sentinel - Microsoft Tech Community
Stuff That's Related
14 MustLearnKQL The Project Operator
Public preview: Enable VM insights using Azure Monitor agent | Azure updates | Microsoft Azure
How to create the output schema from Kusto query - Microsoft Tech Community
Auto-update of Azure Log Analytics agent and Diagnostics Extension for Linux extension available - Microsoft Tech Community
ADX Web Explorer updates – July 2022 - Microsoft Tech Community
Improving the tools for monitoring Log Analytics workspace health - Microsoft Tech Community
Public preview: User-assigned Managed Identity support for Azure Monitor Agent | Azure updates | Microsoft Azure
Stuff from Partners
Try before you buy: Road-testing Microsoft Sentinel for a local housing association
Stuff in the News
microsoft: Microsoft unveils new solutions for threat intelligence, attack surface management, Telecom News, ET Telecom
Stuff to Have
Sentinel-Queries/Audit-AppProxySettoPassThrough.kql at main · reprise99/Sentinel-Queries · GitHub
KQL_Intune/Device-iOSVersions.kql at main · ugurkocde/KQL_Intune · GitHub
KQL_Intune/Device-DevicesRegisteredButNotManagedByIntune.kql at main · ugurkocde/KQL_Intune · GitHub
The Microsoft Sentinel weekly newsletter helps uncover the new and important features and news for Microsoft's cloud-based SIEM+SOAR security tool.