Getting started with Microsoft Sentinel Tasks to Standardise Cyber Security Incident Response
Рет қаралды 2,875
Күн бұрын
@janetwilcox5314 Жыл бұрын
Outstanding
@b2secops Жыл бұрын
Thanks for the video, do you require VirusTotal premium for the lookup from Sentinel to work?
@jackobyte Жыл бұрын
Great video, just wondering.. adding the tasks (via the automation rule) shouldnt have an effect on costs? its only when they are logic apps? is that right?
@progod6017 Жыл бұрын
I had no idea virus total has a free API. Thanks for sharing!
@alexandervogtsanchez7522 Жыл бұрын
It's pretty much useless if you have a medium to high volume of IPs included in alerts/incidents. Rate limit is like 4 per minute. BTW sentinel now has enrichment widgets for IP addresses so no need to include a task for this. If you still want to use logic apps, use the HTTP connector rather than the built-in virus total one. This way you can check the status code of the call. If it returns 204 you can call another HTTP with a different api key. Somewhat ugly but could work to overcome rate limitations
@progod6017 Жыл бұрын
it is actually useless. true. @@alexandervogtsanchez7522
Oscar's Funny World
Рет қаралды 12 МЛН
Sudo Rootcast (The Security Channel)
Рет қаралды 12 М.
AzureVlog
Рет қаралды 3,3 М.
AzureVlog
Рет қаралды 9 М.
AzureVlog
Рет қаралды 855
Getting Started with Setting up Azure Sentinel, Generate Alerts and Send Email using Azure Logic App
AnubhavinIT
Рет қаралды 4,9 М.