Merge pull request #183406 from shhazam-ms/Fastlane--10.5.4

ttorble · web-flow · commit 00f926dc4adc · 2021-12-21T10:20:41.000Z
Fastlane  10.5.4
diff --git a/articles/defender-for-iot/organizations/release-notes.md b/articles/defender-for-iot/organizations/release-notes.md
@@ -33,11 +33,21 @@ Microsoft plans to release updates for Defender for IoT no less than once per qu
 
 ## December 2021
 
-**Apache Log4j vulnerability**
+- [Enhanced integration with Microsoft Sentinel (Preview)](#enhanced-integration-with-microsoft-sentinel-preview)
+- [Apache Log4j vulnerability](#apache-log4j-vulnerability)
+- [Alerting](#alerting)
+
+### Enhanced integration with Microsoft Sentinel (Preview)
+
+The new **IoT OT Threat Monitoring with Defender for IoT solution** is available and provides enhanced capabilities for Microsoft Defender for IoT integration with Microsoft Sentinel. The **IoT OT Threat Monitoring with Defender for IoT solution** is a set of bundled content, including analytics rules, workbooks, and playbooks, configured specifically for Defender for IoT data. This solution currently supports only Operational Networks (OT/ICS). 
+
+For information on integrating with Microsoft Sentinel, see [Tutorial: Integrate Defender for Iot and Sentinel](/azure/sentinel/iot-solution?tabs=use-out-of-the-box-analytics-rules-recommended)
+
+### Apache Log4j vulnerability
 
 Version 10.5.4 of Microsoft Defender for IoT mitigates the Apache Log4j vulnerability. For details, see [the security advisory update](https://techcommunity.microsoft.com/t5/microsoft-defender-for-iot/updated-15-dec-defender-for-iot-security-advisory-apache-log4j/m-p/3036844).
 
-**Alerting**
+### Alerting
 
 Version 10.5.4 of Microsoft Defender for IoT delivers important alert enhancements:
 
@@ -46,7 +56,7 @@ Version 10.5.4 of Microsoft Defender for IoT delivers important alert enhancemen
 
 These changes reduce alert volume and enable more efficient targeting and analysis of security and operational events.
 
-### Alerts permanently disabled
+#### Alerts permanently disabled
 
 The alerts listed below are permanently disabled with version 10.5.4. Detection and monitoring are still supported for traffic associated with the alerts.
 
@@ -56,7 +66,7 @@ The alerts listed below are permanently disabled with version 10.5.4. Detection
 - Unauthorized HTTP Server
 - Abnormal usage of MAC Addresses
 
-### Alerts disabled by default
+#### Alerts disabled by default
 
 The alerts listed below are disabled by default with version 10.5.4. You can re-enable the alerts from the Support page of the sensor console, if required.
 
@@ -77,7 +87,7 @@ Disabling these alerts also disables monitoring of related traffic. Specifically
 - Unauthorized HTTP User Agent alert and HTTP User Agents Data Mining traffic
 - Unauthorized HTTP SOAP Action and HTTP SOAP Actions Data Mining traffic
 
-### Updated alert functionality
+#### Updated alert functionality
 
 **Unauthorized Database Operation alert**
 Previously, this alert covered DDL and DML alerting and Data Mining reporting. Now:
