Adding TI in Bulk to Microsoft Sentinel in Public Preview

Rod Trent Microsoft Sentinel July 27, 2022July 27, 2022 1 Minute

Today the ability to upload new Threat Intelligence (indicators) is available in Public Preview.

A new Import tab in the Threat Intelligence blade of the Microsoft Sentinel console allows you to import from a flat file (csv or JSON) and also manage existing imports.

The Docs are already available: Add indicators in bulk to Microsoft Sentinel threat intelligence from a CSV or JSON file

=========================

[Want to discuss this further? Hit me up on Twitter or LinkedIn]

[Subscribe to the RSS feed for this blog]

[Subscribe to the Weekly Microsoft Sentinel Newsletter]

[Subscribe to the Weekly Microsoft Defender Newsletter]

[Learn KQL with the Must Learn KQL series and book]

Rod Trent

Facebook
Twitter
Linkedin
Reddit
email

Tagged
Microsoft Sentinel

Published July 27, 2022July 27, 2022

You must log in to post a comment.

Author