
Microsoft Sentinel - Improve our matching to accurately identify Blocked/Prevented

Open EllynBsc opened this issue 1 year ago • 0 comments

Description

Microsoft Defender alerts are collected in Microsoft Sentinel, but some of the information is not transmitted correctly.

We need to improve our keyword extraction in Sentinel so that if the expectation is 'Prevented' by Microsoft Defender then it should be consistent and also be 'Prevented' by Microsoft Sentinel.

EllynBsc, Oct 25 '24 15:10
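To illustrate the kind of keyword matching the issue asks for, here is an added example that is not part of the issue or of the OpenAEV code base. It assumes a hypothetical alert record with a title, a description and a dictionary of extra fields (standing in for whatever Sentinel columns the collector reads), scans all of them with word-boundary keyword lists, ignores negated phrases such as "not blocked", and gives prevention keywords precedence over detection keywords so that an alert whose title only says "detected" but whose action field says "Blocked" is still reported as prevented. The keyword lists and field names are constructed assumptions.

```python
"""Keyword-based classification of Defender alerts collected in Sentinel.

Added example: hypothetical matching logic, not the OpenAEV project's own code.
"""
import re
from dataclasses import dataclass, field

# Assumed keyword lists; a real collector would tune these to the alert text it sees.
PREVENTED_KEYWORDS = ("prevented", "blocked", "quarantined", "remediated", "terminated")
DETECTED_KEYWORDS = ("detected", "observed", "suspicious", "alert")

# Phrases that negate a keyword immediately following them ("not blocked").
_NEGATION_LOOKBEHINDS = r"(?<!not )(?<!failed to )"


@dataclass
class Alert:
    """Constructed stand-in for an alert row pulled from Sentinel."""
    title: str
    description: str = ""
    extra_fields: dict = field(default_factory=dict)  # e.g. {"ActionTaken": "Blocked"}


def _matches(text: str, keywords) -> list:
    """Return the keywords present in text as whole words, ignoring negated ones."""
    lowered = text.lower()
    found = set()
    for kw in keywords:
        pattern = _NEGATION_LOOKBEHINDS + r"\b" + re.escape(kw) + r"\b"
        if re.search(pattern, lowered):
            found.add(kw)
    return sorted(found)


def classify_alert(alert: Alert) -> str:
    """Map an alert to PREVENTED, DETECTED or UNKNOWN by scanning every text field.

    Prevention keywords win over detection keywords, so secondary fields that
    record the action taken are not overridden by a title that only says
    something was detected.
    """
    combined = " ".join(
        [alert.title, alert.description, *(str(v) for v in alert.extra_fields.values())]
    )
    if _matches(combined, PREVENTED_KEYWORDS):
        return "PREVENTED"
    if _matches(combined, DETECTED_KEYWORDS):
        return "DETECTED"
    return "UNKNOWN"


def is_consistent(expected: str, alert: Alert) -> bool:
    """True when the expectation (e.g. 'PREVENTED') matches the Sentinel-side result."""
    return classify_alert(alert) == expected.upper()


if __name__ == "__main__":
    # Constructed sample alerts, not real Defender/Sentinel output.
    samples = [
        Alert("Suspicious process detected", extra_fields={"ActionTaken": "Blocked"}),
        Alert("Malware detected on host"),
        Alert("Network connection observed", "Connection was not blocked, logged only"),
        Alert("Scheduled scan completed"),
    ]
    for a in samples:
        print(f"{a.title!r:45} -> {classify_alert(a)}")
```

The first sample is the case the issue describes: a title that only says "detected" while the action field says "Blocked". Because every field is scanned and prevention keywords take precedence, the result is "PREVENTED", matching what Defender itself reported.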