question

AshishHingmire-4956 avatar image
0 Votes"
AshishHingmire-4956 asked AshishHingmire-4956 commented

Azure sentinel Built in Threat Intelligence

Team,

We want to understand does Microsoft provides built in Threat intel on Azure sentinel SIEM like IBM Qradar has IBM X-force and other SIEM vendors? If yes, Where & how can we check it? How can we validate if the latest IOC's are imported from Microsoft provided threat intel on azure sentinel?

Please help.

Note: I am not looking for any 3rd part TAXII server or Threat Intelligence platform integration with Azure sentinel.

microsoft-sentinel
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello Experts,

Can you please update on above query?

0 Votes 0 ·

Do we have any update on this? Please share your thoughts.

0 Votes 0 ·

1 Answer

YashMudaliar-2108 avatar image
1 Vote"
YashMudaliar-2108 answered AshishHingmire-4956 commented

Hi @AshishHingmire-4956 ,

Sentinel does have built-in TI connectors of it's own.

I have uploaded the screenshot, please check.

If I was able to answer your question, please upvote my comment.

Cheers,
Yash

!90407-screenshot-2021-04-22-181828.png



· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello Yash,
Thanks for your response. I know these options are available to integrate 3rd party TI feeds.
Does Microsoft has their own TI feed? If yes how to check the IOC's loaded in Sentinel?

0 Votes 0 ·