#defenderti — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #defenderti, aggregated by home.social.
-
Microsoft Defender Threat Intelligence (Defender TI) is now available to licensed customers within the Microsoft 365 Defender (M365 Defender) portal, placing its powerful threat intelligence side-by-side with the advanced XDR functionality of M365 Defender.
Use Cases
➡ Advanced hunting with Defender TI IOCs against the logs and Events within Microsoft 365 Defender
➡ Upload IOC to a storage account\public GitHub
➡ Using KQL Externaldata operator as correlation source and proactive hunting and enabling custom detection on M365 Defender
➡ M365 Defender Raw Event Detection
➡ M365D Raw events flow into Sentinel with the M365 Defender Data connector
➡ MDTI Feeds flow into Sentinel with MDTI Data connector
➡ Manual TI correlation rule
#DefenderTI #TI #threatintelligence #MicrosoftDefenderThreatIntelligence #xdr #soc #securityplatform #securityanalytst #m365defender #microsoft365defender #microsoft #azure #intelligence #ioc #threathunting #ttp