File: articles/sentinel/soc-optimization/soc-optimization-access.md
Lines changed: 3 additions & 11 deletions
@@ -61,15 +61,6 @@ Optimization metrics shown at the top of the **Overview** tab give you a high le
61
61
62
62
Supported metrics at the top of the **Overview** tab include:
63
63
64
-
### [Azure portal](#tab/azure-portal)
65
-
66
-
|Title |Description |
67
-
|---------|---------|
68
-
|**Ingested data over the last 3 months**| Shows the total data ingested in your workspace over the last three months. |
69
-
|**Optimizations status**| Shows the number of recommended optimizations that are currently active, completed, and dismissed. |
70
-
71
-
Select **See all threat scenarios** to view the full list of relevant threat and risk-based scenarios, percentages of active and recommended analytics rules, and coverage levels.
72
-
73
64
### [Defender portal](#tab/defender-portal)
74
65
75
66
|Title | Description |
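Review bot: With the Azure portal tab deleted at old lines 64-72, `### [Defender portal](#tab/defender-portal)` at new line 64 is left as the only entry in the tab group that the `---` at new line 82 closes. Consider removing the tab heading and the terminator as well, so the metrics table follows "Supported metrics at the top of the **Overview** tab include:" directly, or note why a one-entry tab group is kept.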
@@ -86,7 +77,7 @@ Select **See all threat scenarios** to view the full list of relevant threat and
86
77
|**Ingested data over the last 3 months**| Shows the total data ingested in your workspace over the last three months. |
87
78
|**Optimizations status**| Shows the number of recommended optimizations that are currently active, completed, and dismissed. |
88
79
89
-
Select **See all threat scenarios** to view the full list of relevant threats, percentages of active and recommended analytics rules, and coverage levels.
80
+
Select **See all threat scenarios** to view the full list of relevant threat and risk-based scenarios, percentages of active and recommended analytics rules, and coverage levels.
90
81
91
82
---
92
83
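Review bot: The sentence at new line 80 now promises "relevant threat and risk-based scenarios", while the control it tells the reader to select is still named **See all threat scenarios**. Confirm the label matches what the Defender portal shows now that risk-based scenarios are part of the list, so readers can find the control by the name given here.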
@@ -116,7 +107,8 @@ Filter the optimizations based on optimization type, or search for a specific op
116
107
117
108
-**Coverage** : Includes recommendations to help you close coverage gaps against specific threats and tighten your ingestion rates against data that doesn't provide security value. Includes:
118
109
-**Threat-based recommendations** for adding security controls to help close coverage gaps for various types of attacks.
119
-
-**AI MITRE ATT&CK recommendations** for adding tagging recommendations to help close coverage gaps for various types of attacks, based on the MITRE ATT&CK framework. - **Risk-based recommendations** for adding security controls to help close coverage gaps for various types of business risks.
110
+
-**AI MITRE ATT&CK recommendations** for adding tagging recommendations to help close coverage gaps for various types of attacks, based on the MITRE ATT&CK framework.
111
+
-**Risk-based recommendations** for adding security controls to help close coverage gaps for various types of business risks.
120
112
-**Data value**: Includes recommendations that suggest ways to improve your data usage for maximizing security value from ingested data, or suggest a better data plan for your organization.
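Review bot: The split at new lines 110-111 fixes the run-together bullets, but the AI MITRE ATT&CK item at new line 110 keeps the wording "recommendations for adding tagging recommendations to help close coverage gaps", which repeats "recommendations" and still claims a coverage benefit. The same commit rewords this feature in soc-optimization-reference.md to "suggest tagging security detections" and marks it "(Preview)"; align this bullet with that description and label. Also note the stray space in "**Coverage** :" at line 108 compared with "**Data value**:" at line 112.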
File: articles/sentinel/soc-optimization/soc-optimization-reference.md
Lines changed: 1 addition & 1 deletion
@@ -27,7 +27,7 @@ Microsoft Sentinel SOC optimizations include the following types of recommendati
27
27
28
28
-**Coverage based recommendations** suggest adding controls to prevent coverage gaps that can lead to vulnerability to attacks or scenarios that can lead to financial loss.
29
29
-**Threat-based recommendations** suggest adding security controls that help you detect coverage gaps to prevent attacks and vulnerabilities.
30
-
-**AI MITRE ATT&CK tagging recommendations (Preview)**increase security coverage using artificial intelligence to automatically tag security detections with MITRE ATT&CK tactics and techniques.
30
+
-**AI MITRE ATT&CK tagging recommendations (Preview)**uses artificial intelligence to suggest tagging security detections with MITRE ATT&CK tactics and techniques.
31
31
-**Risk-based recommendations (Preview)** suggest adding controls to detect coverage gaps that correlate with use cases that could lead to business risks and financial loss, including Operational, Financial, Reputational, Compliance, and Legal business risks.
32
32
33
33
-**Similar organizations recommendations** suggest ingesting data from the types of sources used by organizations which have similar ingestion trends and industry profiles to yours.
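Review bot: New line 30 has a subject-verb mismatch and a missing space after the bold text: "recommendations (Preview)**uses artificial intelligence" should read "recommendations (Preview)** use artificial intelligence", matching the plural "suggest" in the neighbouring bullets at lines 29 and 31. The missing space was already present in the removed line, so this change is a good place to fix it.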