Merge pull request #219897 from limwainstein/data-immutability

prmerger-automator[bot] · web-flow · commit ae325c1cb056 · 2022-12-01T08:53:50.000Z
Adding tamper-proofing and immutability references
diff --git a/articles/sentinel/best-practices.md b/articles/sentinel/best-practices.md
@@ -1,8 +1,8 @@
 ---
 title: Best practices for Microsoft Sentinel
 description: Learn about best practices to employ when managing your Microsoft Sentinel workspace.
-author: batamig
-ms.author: bagol
+author: limwainstein
+ms.author: lwainstein
 ms.topic: conceptual
 ms.date: 11/09/2021
 ms.custom: ignite-fall-2021
diff --git a/articles/sentinel/overview.md b/articles/sentinel/overview.md
@@ -19,6 +19,9 @@ Microsoft Sentinel delivers intelligent security analytics and threat intelligen
 
 Microsoft Sentinel is your bird's-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.
 
+> [!NOTE]
+> Microsoft Sentinel inherits the Azure Monitor [tamper-proofing and immutability](../azure-monitor/logs/data-security.md#tamper-proofing-and-immutability) practices. While Azure Monitor is an append-only data platform, it includes provisions to delete data for compliance purposes.
+
 - **Collect data at cloud scale** across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
 
 - **Detect previously undetected threats**, and [minimize false positives](false-positives.md) using Microsoft's analytics and unparalleled threat intelligence.
