Archives
- January 2021 (1)
- August 2020 (1)
- July 2020 (3)
- June 2020 (1)
- March 2020 (5)
- February 2020 (3)
- January 2020 (18)
- December 2019 (22)
- November 2019 (3)
- October 2019 (1)
- July 2019 (1)
- April 2019 (2)
- January 2019 (2)
- October 2018 (2)
- September 2018 (1)
- August 2018 (4)
- July 2018 (4)
- February 2018 (6)
- January 2018 (3)
- November 2017 (1)
- August 2017 (3)
- May 2017 (4)
- April 2017 (4)
- December 2016 (1)
Categories
- Application Security (1)
- Azure Security Center (10)
- Governance & Compliance (10)
- Host Protection (3)
- Identity & Access Control (7)
- Monitoring & Detection (16)
- Network Security (2)
- Secure Development (8)
- Security Automation (32)
- Security Operation (14)
- Service Overview (1)
Monthly Archives: July 2020
Get Alert Relation from an Incident using Azure Sentinel Incident Relation API
I have received a few questions recently asking if we can get the associated alert for an incident. The idea is to know which alert caused an incident so the SecOps team can better investigate the issue. In this article, let’s … Continue reading
Posted in Security Automation
Tagged azure sentinel, azure sentinel api, azure sentinel incident
Everything you need to know about Azure Security Center Alert Suppression
Different environments may have special configurations that trigger alerts, and those false-positive alerts keep annoying the SecOps team. One of the features that SecOps guys working on Azure Security Center wish to have is the ability to automatically … Continue reading
Transform Azure Sentinel incident to Log Analytics Workspace with Logic App
As a SOC analyst or manager working on Azure Sentinel, you would like to have a view of how productive your team is (response time, resolution, ...). Being familiar with Log Analytics queries, you might wish to do … Continue reading
Posted in Security Automation
Tagged azure logic app, azure sentinel, azure sentinel incident
1 Comment