The Run All Queries Azure Sentinel Hunting Option Returns! (and all the other fantastic announcements)

Amid of flurry of new preview announcements today (see below for the list), an old friend has returned.

In February this past year, I talked about how the “Run All” button had been replaced with a “Run Displayed” option instead in the Hunting blade for Azure Sentinel. There was a bit of consternation in this move. But, after some discussion internally and building the case, this feature has been brought back — and better than before.

So, make sure you use it!!! If you stop using, it could disappear again.

Run all queries!

Full list of today’s announcements…

I’ll be digging through each of these new features in the coming days, so stay tuned.

What’s New: Fusion Advanced Multistage Attack Detection Scenarios with Scheduled Analytics Rules – Microsoft Tech Community

What’s new: Hunting dashboard refresh – Microsoft Tech Community

What’s new: Incident Team – collaborate in Microsoft Teams – Microsoft Tech Community

What’s new: IP entity page – Microsoft Tech Community

Introducing Azure Sentinel Solutions! – Microsoft Tech Community

RSA Conference 2021: New innovations for Azure Sentinel – Microsoft Tech Community

Democratize Machine Learning with Customizable ML Anomalies – Microsoft Tech Community


[Want to discuss this further? Hit me up on Twitter or LinkedIn]

[Subscribe to the RSS feed for this blog]

[Subscribe to the Weekly Azure Sentinel Newsletter]