The updated Azure Active Directory data connector now brings these important sign-in events into Azure sentinel. These new security objects perform login activity which is not captured in Azure Active Directory’s traditional sign-in logs. The shift to the cloud and the rise of automation tasks and service-to-service integration have contributed to a dramatic increase in the use of managed applications, service principals, and managed identities. We will also share the new security content we built and updated in the product, which includes analytics rules for the detection part and workbooks to assist our customers to deal with this blind spot. In this blog post, we will review the new Microsoft Sentinel data streams for Azure Active Directory non-interactive, service principal, and managed identity logins. ![]() Special thanks to for collaborating on this blog post with me!
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |