You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/sentinel/includes/unified-soc-preview-without-alert.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,10 +4,10 @@ description: "include file"
4
4
services: microsoft-sentinel
5
5
author: cwatson-cat
6
6
ms.topic: "include"
7
-
ms.date: 03/27/2024
7
+
ms.date: 05/29/2024
8
8
ms.author: cwatson
9
9
ms.custom: "include file"
10
10
---
11
11
12
-
Microsoft Sentinel is available as part of the public preview for the unified security operations platform in the Microsoft Defender portal. For more information, see [Microsoft Sentinel in the Microsoft Defender portal](../microsoft-sentinel-defender-portal.md).
12
+
Microsoft Sentinel is available as part of the unified security operations platform in the Microsoft Defender portal. Microsoft Sentinel in the Defender portal is now supported for production use. For more information, see [Microsoft Sentinel in the Microsoft Defender portal](../microsoft-sentinel-defender-portal.md).
Copy file name to clipboardExpand all lines: articles/sentinel/includes/unified-soc-preview.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,10 +4,10 @@ description: "include file"
4
4
services: microsoft-sentinel
5
5
author: cwatson-cat
6
6
ms.topic: "include"
7
-
ms.date: 03/27/2024
7
+
ms.date: 05/29/2024
8
8
ms.author: cwatson
9
9
ms.custom: "include file"
10
10
---
11
11
12
12
> [!IMPORTANT]
13
-
> Microsoft Sentinel is available as part of the public preview for the unified security operations platform in the Microsoft Defender portal. For more information, see [Microsoft Sentinel in the Microsoft Defender portal](../microsoft-sentinel-defender-portal.md).
13
+
> Microsoft Sentinel is available as part of the unified security operations platform in the Microsoft Defender portal. Microsoft Sentinel in the Defender portal is now supported for production use. For more information, see [Microsoft Sentinel in the Microsoft Defender portal](../microsoft-sentinel-defender-portal.md).
Copy file name to clipboardExpand all lines: articles/sentinel/microsoft-sentinel-defender-portal.md
+5-7Lines changed: 5 additions & 7 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,32 +4,30 @@ description: Learn about changes in the Microsoft Defender portal with the integ
4
4
author: cwatson-cat
5
5
ms.author: cwatson
6
6
ms.topic: conceptual
7
-
ms.date: 04/29/2024
7
+
ms.date: 05/29/2024
8
8
appliesto:
9
9
- Microsoft Sentinel in the Microsoft Defender portal
10
10
ms.collection: usx-security
11
11
---
12
12
13
-
# Microsoft Sentinel in the Microsoft Defender portal (preview)
13
+
# Microsoft Sentinel in the Microsoft Defender portal
14
14
15
-
Microsoft Sentinel is available as part of the public preview for the unified security operations platform in the Microsoft Defender portal. For more information, see:
15
+
Microsoft Sentinel is available as part of the unified security operations platform in the Microsoft Defender portal. Microsoft Sentinel in the Defender portal is now supported for production use. For more information, see:
16
16
17
17
-[Unified security operations platform with Microsoft Sentinel and Defender XDR](https://aka.ms/unified-soc-announcement)
18
18
-[Connect Microsoft Sentinel to Microsoft Defender XDR](/microsoft-365/security/defender/microsoft-sentinel-onboard)
19
19
20
20
This article describes the Microsoft Sentinel experience in the Microsoft Defender portal.
21
21
22
-
> [!IMPORTANT]
23
-
> Information in this article relates to a prerelease product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
24
-
25
22
## New and improved capabilities
26
23
27
24
The following table describes the new or improved capabilities available in the Defender portal with the integration of Microsoft Sentinel and Defender XDR.
28
25
29
26
| Capabilities | Description |
30
27
| ----------------- | ------------------------ |
31
28
| Advanced hunting | Query from a single portal across different data sets to make hunting more efficient and remove the need for context-switching. View and query all data including data from Microsoft security services and Microsoft Sentinel. Use all your existing Microsoft Sentinel workspace content, including queries and functions.<br><br> For more information, see [Advanced hunting in the Microsoft Defender portal](https://go.microsoft.com/fwlink/p/?linkid=2264410). |
32
-
| Attack disrupt | Deploy automatic attack disruption for SAP with both the unified security operations platform and the Microsoft Sentinel solution for SAP applications. For example, contain compromised assets by locking suspicious SAP users in case of a financial process manipulation attack. <br><br>Attack disruption capabilities for SAP are available in the Defender portal only. To use attack disruption for SAP, update your data connector agent version and ensure that the relevant Azure role is assigned to your agent's identity. <br><br> For more information, see [Automatic attack disruption for SAP (Preview)](sap/deployment-attack-disrupt.md). |
29
+
| Attack disrupt | Deploy automatic attack disruption for SAP with both the unified security operations platform and the Microsoft Sentinel solution for SAP applications. For example, contain compromised assets by locking suspicious SAP users in case of a financial process manipulation attack. <br><br>Attack disruption capabilities for SAP are available in the Defender portal only. To use attack disruption for SAP, update your data connector agent version and ensure that the relevant Azure role is assigned to your agent's identity. <br><br> For more information, see [Automatic attack disruption for SAP](sap/deployment-attack-disrupt.md). |
30
+
|SOC optimizations | Get high-fidelity and actionable recommendations to help you identify areas to:<br>- Reduce costs <br>- Add security controls<br>- Add missing data<br>SOC optimizations are available in the Defender and Azure portals, are tailored to your environment, and are based on your current coverage and threat landscape. <br><br>For more information, see the following articles:<br>- [Optimize your security operations](soc-optimization/soc-optimization-access.md) <br>- [SOC optimization reference of recommendations](soc-optimization/soc-optimization-reference.md)|
33
31
| Unified entities | Entity pages for devices, users, IP addresses, and Azure resources in the Defender portal display information from Microsoft Sentinel and Defender data sources. These entity pages give you an expanded context for your investigations of incidents and alerts in the Defender portal.<br><br>For more information, see [Investigate entities with entity pages in Microsoft Sentinel](/azure/sentinel/entity-pages). |
34
32
| Unified incidents | Manage and investigate security incidents in a single location and from a single queue in the Defender portal. Incidents include:<br>- Data from the breadth of sources<br>- AI analytics tools of security information and event management (SIEM)<br>- Context and mitigation tools offered by extended detection and response (XDR) <br><br> For more information, see [Incident response in the Microsoft Defender portal](/microsoft-365/security/defender/incidents-overview). |
Copy file name to clipboardExpand all lines: articles/sentinel/sap/deployment-attack-disrupt.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -4,15 +4,15 @@ description: Learn about deploying automatic attack disruption for SAP with the
4
4
author: batamig
5
5
ms.author: bagol
6
6
ms.topic: concept
7
-
ms.date: 04/07/2024
7
+
ms.date: 05/29/2024
8
8
appliesto:
9
9
- Microsoft Sentinel in the Azure portal
10
10
- Microsoft Sentinel in the Microsoft Defender portal
11
11
ms.collection: usx-security
12
12
#customerIntent: As a security engineer, I want to deploy automatic attack disruption for SAP with the unified security operations platform.
13
13
---
14
14
15
-
# Automatic attack disruption for SAP (Preview)
15
+
# Automatic attack disruption for SAP
16
16
17
17
Microsoft Defender XDR correlates millions of individual signals to identify active ransomware campaigns or other sophisticated attacks in the environment with high confidence. While an attack is in progress, Defender XDR disrupts the attack by automatically containing compromised assets that the attacker is using through automatic attack disruption. Automatic attack disruption limits lateral movement early on and reduces the overall impact of an attack, from associated costs to loss of productivity. At the same time, it leaves security operations teams in complete control of investigating, remediating, and bringing assets back online.
18
18
@@ -43,4 +43,4 @@ For more information, see:
43
43
44
44
## Related content
45
45
46
-
For more information, see [Microsoft Sentinel in the Microsoft Defender portal (preview)](../microsoft-sentinel-defender-portal.md).
46
+
For more information, see [Microsoft Sentinel in the Microsoft Defender portal](../microsoft-sentinel-defender-portal.md).
![prmerger-automator[bot]](https://avatars.githubusercontent.com/u/22479449?v=4&size=40){kind=avatar}
0 commit comments