![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Triage incidents in Microsoft Sentinel What is Triaging? The SOC’s initial level is triaging. Triaging incoming security situations and assessing their seriousness are the responsibilities of Tier 1 employees. This entails figuring out the incident’s origin, estimating its size, and…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
13th section starting and this time were are learning on automation, alerts and remediation. Configure automation rules By centrally managing automation rules for event management, users may streamline complicated incident orchestration procedures. Automation rules are triggered by the creation of…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Why to? For now policy settings can be moved at your own pace but the procedure is completely reversible. While you specifically specify authentication methods for users and groups in the Authentication methods policy, you can continue to employ tenant-wide…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Microsoft’s Cross-tenant features When it comes to the cross-tenant access features, Microsoft has a strong road plan so far. There won’t be any more external users or jumping between Teams tenants when you require access to various tenants, which we…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
12th section starting with more Sentinel. This time we are classifying Entities, creating custom log in Log Analytics and parsing the content. So let’s do some designs and configurations. Classify and analyze data by using entities You can do the…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Or Azure AD for customers, yes Azure AD for customers. That’s the name of the game. Microsoft released this excellent feature at Build yesterday and I wanted to elaborate it a bit more. Why to use it? Azure AD makes…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
11th section starting with more and more Sentinel. Already in this series we saw that how the different pieces are connected and helping you SOC teams to proactively work on threats. So let’s do some designs and configurations. Design and…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
And in this 10th section on my SC-200 study guide we will go through the following topics. Identify data sources to be ingested for Microsoft Sentinel On August 31, 2024, the Log Analytics agent is deprecated. You should begin preparing…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
We are already at the 9th section on my study guide and this time we will start with Sentinel. First I want to point the Ninja training that Ofer Shezaf’s and him team has made for you. It was updated…
![Harri Jaakkonen](https://i0.wp.com/www.cloudpartner.fi/wp-content/uploads/2021/09/harri_pic.jpg?fit=32%2C32&ssl=1)
Azure AD Application proxy is an essential tool for providing access to your on-premises applications. In the past you could use it as a reverse proxy to internal Web-based (accessible with browser) applications and you could define One URI per…