Monthly Archives: February 2020

Alert Grouping feature in Azure Sentinel

Posted on 02/24/2020 by azsec

One of the things that SecOps guys needs when working with Azure Sentinel is the ability to group all alerts that have similar characteristics into a single incident in order to better manage and respond. Given an example about Traffic … Continue reading →

Posted in Monitoring & Detection | Tagged azure security center, azure sentinel alert grouping | Leave a comment

Add custom Azure Policy to Azure Security Center Recommendation

Posted on 02/10/2020 by azsec

You know that Azure Security Center recommendation is powered by Azure Policy and you can disable recommendation that may not be applicable to your environment. Along with that, you can even add a custom Azure Policy into Azure Security Center … Continue reading →

Posted in Governance & Compliance | Tagged azure policy, azure security center recommendation | Leave a comment

Export virtual machines with ASC monitoring agent issue

Posted on 02/08/2020 by azsec

There is a recommendation named “Monitoring agent health issues should be resolved on your machine” in Azure Security Center that provides you list of unhealthy resources (virtual machine resource type). There are several reasons that can cause unhealthy monitoring state … Continue reading →

Posted in Monitoring & Detection | Tagged azure resource graph, azure security center monitoring agent | Leave a comment