Skip to content

SOX IT Compliance Solution #13298

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
v-dvedak merged 12 commits into from
Dec 17, 2025
Merged

SOX IT Compliance Solution #13298

v-dvedak merged 12 commits into from
Dec 17, 2025

Conversation

@Alekhya0824
Copy link
Contributor

@Alekhya0824 Alekhya0824 commented Dec 11, 2025

Required items, please complete

Change(s):

Adding New Solution - SOX IT Compliance
Reason for Change(s):

Adding New Solution - SOX IT Compliance
Version Updated:

3.0.0
Testing Completed:

Yes
Checked that the validations are passing and have addressed any issues that are present:

Yes

@Alekhya0824 Alekhya0824 requested review from a team as code owners December 11, 2025 13:38
@v-shukore v-shukore self-assigned this Dec 12, 2025
@v-shukore v-shukore added the New Solution For new Solutions which are new to Microsoft Sentinel label Dec 12, 2025
@rahul0216 rahul0216 requested a review from Copilot December 12, 2025 10:10
Copilot AI reviewed Dec 12, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request adds metadata for a new "SOX IT Compliance" workbook to the Microsoft Sentinel workbooks collection. The workbook aims to help organizations monitor, validate, and report on Sarbanes-Oxley (SOX) IT General Controls (ITGC) by consolidating data from multiple Azure and Microsoft 365 security and audit sources.

Key Changes

  • Added a new workbook metadata entry for "SOX IT Compliance" solution
  • Configured data dependencies for 10 data types including SigninLogs, AuditLogs, SecurityEvent, BehaviorAnalytics, and SQL audit logs
  • Specified 6 data connector dependencies including Azure Active Directory, Defender for Identity, and Azure SQL

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Workbooks/WorkbooksMetadata.json Outdated
Comment on lines 9764 to 9789
"BehaviorAnalytics",
"AzureActivity",
"OfficeActivity",
"SecurityAlert",
"SecurityIncident",
"SqlAuditLogs",
"SqlSecurityAuditEvents"
],
"dataConnectorsDependencies": [
"AzureActiveDirectory",
"MicrosoftDefenderForIdentity",
"AzureActivityLog",
"Office365",
"WindowsSecurityEvents",
"AzureSql"
],
"previewImagesFileNames": [
"SOXITComplianceWhite.png",
"SOXITComplianceBlack.png"
],
"version": "1.0.0",
"title": "SOX IT Compliance",
"templateRelativePath": "SOXITCompliance.json",
"subtitle": "",
"provider": "Microsoft"
}
Copy link

Copilot AI Dec 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The indentation in this new entry uses spaces instead of tabs, which is inconsistent with the rest of the file. All other entries in this file use tabs for indentation. This indentation should be changed to use tabs to maintain consistency with the existing codebase.

Suggested change
"BehaviorAnalytics",
"AzureActivity",
"OfficeActivity",
"SecurityAlert",
"SecurityIncident",
"SqlAuditLogs",
"SqlSecurityAuditEvents"
],
"dataConnectorsDependencies": [
"AzureActiveDirectory",
"MicrosoftDefenderForIdentity",
"AzureActivityLog",
"Office365",
"WindowsSecurityEvents",
"AzureSql"
],
"previewImagesFileNames": [
"SOXITComplianceWhite.png",
"SOXITComplianceBlack.png"
],
"version": "1.0.0",
"title": "SOX IT Compliance",
"templateRelativePath": "SOXITCompliance.json",
"subtitle": "",
"provider": "Microsoft"
}
"BehaviorAnalytics",
"AzureActivity",
"OfficeActivity",
"SecurityAlert",
"SecurityIncident",
"SqlAuditLogs",
"SqlSecurityAuditEvents"
],
"dataConnectorsDependencies": [
"AzureActiveDirectory",
"MicrosoftDefenderForIdentity",
"AzureActivityLog",
"Office365",
"WindowsSecurityEvents",
"AzureSql"
],
"previewImagesFileNames": [
"SOXITComplianceWhite.png",
"SOXITComplianceBlack.png"
],
"version": "1.0.0",
"title": "SOX IT Compliance",
"templateRelativePath": "SOXITCompliance.json",
"subtitle": "",
"provider": "Microsoft"
}

Copilot uses AI. Check for mistakes.
vakohl
vakohl requested changes Dec 15, 2025
View reviewed changes
vakohl
vakohl previously approved these changes Dec 16, 2025
View reviewed changes
@v-dvedak v-dvedak merged commit 14c7b0f into master Dec 17, 2025
33 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@v-dvedak v-dvedak v-dvedak approved these changes

@v-shukore v-shukore v-shukore approved these changes

@vakohl vakohl vakohl left review comments

Assignees

@v-shukore v-shukore

Labels

Content-Package New Solution For new Solutions which are new to Microsoft Sentinel P0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@Alekhya0824 @vakohl @v-dvedak @v-shukore