1.3 continuously monitor
Azure Security Center
- identify and address risks and threats to your infrastructure
- on-premises and cloud resources.
- Improve your protection against security threats
- Ease the configuration of your security
Azure Monitor
- collecting, combining, and analyzing data from different sources
- services such as Azure Application Insights and Azure Security Center
Log Analytics
cross-resource query
to analyze the log data collected from other sources
- union
- reference workspaces by using workspace()
Azure Sentinel
- detailed overview of your organization, potentially across multiple clouds and on-premises locations
- avoid reliance on complex and disparate tools
- enterprise-grade AI
create
- creating a Log Analytics workspace
- then adding it to Sentinel.
connect data sources
integrates with Microsoft solutions, including Azure Active Directory and Office 365, through connectors
Incidents
- drill down into an incident
- look for entities
Entities can include users, devices, and appliances.
- webhook: allows an external service to start a particular runbook
- runbook: Azure Automation
- playbooks to automate your response
- notebooks to automate your investigations