Today the ability to upload new Threat Intelligence (indicators) is available in Public Preview.
A new Import tab in the Threat Intelligence blade of the Microsoft Sentinel console allows you to import from a flat file (csv or JSON) and also manage existing imports.
The Docs are already available: Add indicators in bulk to Microsoft Sentinel threat intelligence from a CSV or JSON file
=========================
[Want to discuss this further? Hit me up on Twitter or LinkedIn]
[Subscribe to the RSS feed for this blog]
[Subscribe to the Weekly Microsoft Sentinel Newsletter]
[Subscribe to the Weekly Microsoft Defender Newsletter]
[Learn KQL with the Must Learn KQL series and book]
You must log in to post a comment.