Automate your SOC – Risky Business

Giving your incidents a risk score

So, you’ve installed STAT using the deployment ARM template? Yes, OK, let’s go. If not, see our tutorial on getting it installed here. Let’s start by navigating to your Logic Apps blade in the Azure portal. Here you will see that STAT installed fifteen logic apps. We will go …

Let’s automate your SOC

Intro to Microsoft Sentinel Triage Assistant (STAT)

We wanted to jump right in to help you automate your security operations by introducing the Microsoft Sentinel Triage Assistant or STAT for short. STAT is built on a series of Azure Logic Apps which can be integrated into Microsoft Sentinel, Azure Active Directory, and the 365 Defender …

Recipes for Automation: Reading About Updated Microsoft Sentinel Content in a Microsoft Teams SOC Channel

This post is part of an ongoing series to provide ideas for enhancing security operations through automation. Microsoft Sentinel has built-in SOAR capability, so the prescriptive guidance provided here can be implemented immediately and without much effort.

Microsoft Sentinel is updated constantly, and many customers would like better ways to know when things are …