Azure Sentinel by Patrik

Security Incidents in Azure Sentinel

Manging and Investigating Incidents

An incident

  • is created based on alerts
  • can be based on first-party analytics from Microsoft Security Solutions
  • can also be created via a bookmark
  • can include one or multiple alerts
  • contains evidence that can be used for further investigation

Comments

Leave a Comment

All fields are required. Your email address will not be published.