Maarten Leyman: Automations Are Useful, but Implement Them with Care
“If the automation involves taking actions on critical production servers, you should review those actions before Microsoft Defender for Endpoint executes them.” The first step in implementing Microsoft Defender for Endpoint is to understand what the product does and...
James P. Courtney II: Microsoft Defender for Endpoint Protects Against Many Attack Vectors
“One big advantage of Microsoft Defender for Endpoint is its ability to automate many remediation functions so that you can respond much more quickly to alerts and events.” Microsoft Defender for Endpoint (formerly Microsoft Defender Advanced Threat Protection [ATP])...
Sharjeel Qayyum Khan: You Must Understand What You Want to Extract from Azure Sentinel
“The most challenging aspect of Azure Sentinel deployment is deciding what you need the system to tell you, and then configuring data collection and analytics so that you can extract that information.” Effective security monitoring and analysis require a security...
Rajesh Kumawat: Microsoft Azure Sentinel Is a Different Kind of SIEM System
“Azure Sentinel automatically performs the analytical work on alerts and provides a clear, straightforward presentation of the incident history and event relationships.” The most important part of implementing Microsoft Azure Sentinel is knowing your objectives...
Michael Kavka: Microsoft Azure Sentinel Delivers Visibility and Insight
“Implementing Azure Sentinel is straightforward, coming down to implementing your data connections and deciding how much space to allocate for data storage.” Microsoft Azure Sentinel combines security information event management and security orchestration automated...
Rebecca Wynn: Before You Deploy Microsoft Azure Sentinel, Know What You Want to Accomplish
“Think about the quickest way to get from where you are now to where you want to be using Azure Sentinel.” When implementing Microsoft Azure Sentinel, you must understand what you want to accomplish through Microsoft Azure Sentinel, which both monitors and...
Maarten Leyman: Azure Sentinel Provides One View of Your Entire Environment
“The machine learning and automation capabilities in Azure Sentinel are much further developed than in traditional SIEM solutions.” Microsoft Azure Sentinel is a security information and event management (SIEM) system for security orchestration automated response....
Lawk Salih: Many Eyes Reviewing Security Logs Generates a Big Advantage
“Azure Sentinel correlates data from all those logs and presents events in real time in a single pane of glass.” A couple of years ago, we made the decision to move to the Microsoft Azure cloud. It was a strategic initiative to move all of our premise servers to the...
Oscar Monge: Microsoft Azure Sentinel Provides Total Integration of Detection and Response
“For new users, the biggest challenge will be learning how best to use the technology and data connections to produce the security protection they need.” Microsoft Azure Sentinel is a security information event management solution hosted in the Azure public...
Tom Dugas: Rapidly Reduce Email-Based Attacks
“If an alert comes in through our security information and event management tool, we can look at it, isolate the machine, and check it out with just a few clicks.” When the Chief Information Officer brought me in to create the first-ever Information Security Office...