In this blog we're thrilled to announce SOC Prime's 4 new TDM features that come thanks to our third-party integration with Microsoft Azure Sentinel, which aims to help businesses save their security awareness and reduce implementation time.

Let's start with the first feature: Sigma integration with Azure Sentinel. Uncoder.io, a free SOC Prime service and one common language for cybersecurity, will help us manage that in the most obvious way, using the Sigma language. With an easy, fast and private UI you can translate queries from one tool to another in a matter of just a few seconds, without needing access to the SIEM environment. That's how we can now easily convert Sigma rules into functional Azure Sentinel queries and rules.

Easy? We're pretty sure it's a nice feature that will definitely save you some time. Just try it out via Uncoder.io by SOC Prime and let us know what you think.

The second thing we've focused on is an automated method of streamlining rules via the Azure Sentinel API. A multi-tenancy hook between TDM and the Azure Sentinel API is now available in TDM. You can now add the "Microsoft Azure Sentinel API" configuration (available in your TDM profile menu). When deploying rules, choose where exactly you want to deploy them.

There is a set of parameters that need to be configured for the Microsoft Azure Sentinel API Configuration:

Detailed instructions on how to set up the Azure Sentinel API app are in the section "How to Get Credentials"; press the (i) button. To add another Azure Sentinel tenant, press the "API Configuration" button. You can add a new configuration, or edit or delete an existing configuration. For example, a test and production environment.

SOC Prime TDM Integration with Azure Sentinel Hunting search queries

Now you can simply use the "Deploy In My Sentinel" button in your TDM account to deploy queries in Azure Sentinel. This button imports the query to the Hunting saved search page in Sentinel. Before deploying, you can edit the query manually. New Hunting queries can be found under the filter PROVIDER: Custom Queries.