How does the TIP know that it is connected to the right registered app? Step 2 of the MS article suggests: "For the target product, specify Azure Sentinel." But I do not see that in the app registration or in Sentinel. Also, the Anomali website has now been shut and I cannot use it in the Bicep anymore?
Hi Jeroen, can you explain in a video how to automatically ingest the latest suspicious IP addresses or domains from threat intelligence platforms or feeds into our Sentinel Analytics?
Best video on TI in Sentinel
How would you create an analytics query to search only new IOCs over a period of 90 days?
Hi Jeroen, have you found a way to import IOCs into Sentinel from a STIX file? Here in the USA, CISA usually provides a downloadable copy of IOCs via a STIX file.
Hi Amauris, I haven't done that yet. It does make sense to use STIX as it is becoming an industry standard. Let me figure out how STIX and Azure Sentinel can work together and let me get back to you.
@AzureVlog Thanks for the prompt response. Take your time, I am doing my research as well.
There are threat intelligence services like Maltiverse that can be connected to Sentinel via the TAXII connector. That works great.
Make a video on MISP to Azure Sentinel integration with a diagram.
That video might be on the backlog to create! Currently working on an integration of MISP with Sentinel :-)
@AzureVlog Thank you