I’m a fortunate and blessed person because I get to spend so much time in the Azure Sentinel console. In over almost 2 years, there’s only been a handful of days that I’ve not fired up my web browser to access the Azure Sentinel environment. And, because of that, I regularly find new features, small changes and enhancements, and even get an early view when features exit private preview into public preview and then when public preview features are officially released – before anyone else.
So, yes…I do have an internal environment that I can use, but actually prefer to use the same type of environment that my customers do – so I know exactly what they are seeing and I know exactly what they have access to use.
So, imagine my surprise this morning when, working with my latest workshop customer, I stopped, paused, and was able to (and probably gasped in delight) announce that Azure Sentinel Notebooks has shed its Preview tag overnight.
Notebooks are an amazing and valuable asset for SOCs using Azure Sentinel. If you’re not familiar with this feature/service because you’ve waited until it was publicly released, here are some resources to use to get comfortable with the value…
- Use Jupyter Notebook to hunt for security threats: https://docs.microsoft.com/en-us/azure/sentinel/notebooks
- Notebooks in our GitHub repo: https://github.com/Azure/Azure-Sentinel-Notebooks
Now that it’s fully available, I’ll be talking about this feature quite a bit more.