articles/sentinel/best-practices.md
1 addition & 11 deletions
@@ -18,17 +18,11 @@ Best practice guidance is provided throughout the technical documentation for Mi
18
18
19
19
To get started with Microsoft Sentinel, see the [deployment guide](deploy-overview.md), which covers the high level steps to plan, deploy, and fine-tune your Microsoft Sentinel deployment. From that guide, select the provided links to find detailed guidance for each stage in your deployment.
20
20
21
-
<<<<<<< HEAD
22
-
## Recommended Microsoft security service integrations
23
-
=======
24
-
Start with the [deployment guide for Microsoft Sentinel](deploy-overview.md). The deployment guide covers the high level steps to plan, deploy, and fine-tune your Microsoft Sentinel deployment. From that guide, select the provided links to find detailed guidance for each stage in your deployment.
25
-
26
21
## Adopt a single-platform architecture
27
22
28
23
Microsoft Sentinel is integrated with a modern data lake that offers affordable, long-term storage enabling teams to simplify data management, optimize costs, and accelerate the adoption of AI. The Microsoft Sentinel data lake (preview) enables a single-platform architecture for security data and empowers analysts with a unified query experience while leveraging Microsoft Sentinel’s rich connector ecosystem. For more information, see [Microsoft Sentinel data lake (preview)](datalake/sentinel-lake-overview.md).
29
24
30
-
## Microsoft security service integrations
31
-
>>>>>>> 0ed5fa14c7c07cacf9e47dfc308cd405d74a052a
25
+
## Integrate Microsoft security services
32
26
33
27
Microsoft Sentinel is empowered by the components that send data to your workspace, and is made stronger through integrations with other Microsoft services. Any logs ingested into products, such as Microsoft Defender for Cloud Apps, Microsoft Defender for Endpoint, and Microsoft Defender for Identity, allow these services to create detections, and in turn provide those detections to Microsoft Sentinel. Logs can also be ingested directly into Microsoft Sentinel to provide a fuller picture for events and incidents.
34
28
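Review bot: The replacement heading `## Integrate Microsoft security services` matches neither side of the conflict being resolved ("Recommended Microsoft security service integrations" on HEAD, "Microsoft security service integrations" on the incoming side), so the section's anchor changes for every existing reference. Search the docs set for links to either old anchor and update them in the same commit. Separately, the `<<<<<<< HEAD`, `=======` and `>>>>>>> 0ed5fa14...` lines removed here were committed into published Markdown, so a pre-merge check that rejects files containing conflict markers would keep this from recurring.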
@@ -48,13 +42,9 @@ More than ingesting alerts and logs from other sources, Microsoft Sentinel also:
48
42
- Provides **[threat response capabilities](overview.md#respond-to-threats)**, such as playbooks that integrate with Azure services and your existing tools.
49
43
-**Integrates with partner platforms** using [Microsoft Sentinel data connectors](connect-data-sources.md), providing essential services for SOC teams.
50
44
51
-
<<<<<<< HEAD
52
45
## Microsoft Sentinel in the Microsoft Defender portal
53
46
54
47
Consider onboarding Microsoft Sentinel to the Microsoft Defender portal to unify capabilities with Microsoft Defender XDR like incident management and advanced hunting. For more information, see the following articles:
55
-
=======
56
-
If you're using Microsoft Sentinel in the Azure portal, consider onboarding Microsoft Sentinel to the Microsoft Defender portal to unify capabilities with Microsoft Defender XDR like incident management and advanced hunting. For more information, see the following articles:
57
-
>>>>>>> 0ed5fa14c7c07cacf9e47dfc308cd405d74a052a
58
48
59
49
-[Connect Microsoft Sentinel to Microsoft Defender XDR](/defender-xdr/microsoft-sentinel-onboard)
60
50
-[Microsoft Sentinel in the Microsoft Defender portal](microsoft-sentinel-defender-portal.md)
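Review bot: In the "Microsoft Sentinel in the Microsoft Defender portal" section the resolution keeps HEAD's sentence ("Consider onboarding Microsoft Sentinel to the Microsoft Defender portal...") and drops the incoming variant that scoped the advice with "If you're using Microsoft Sentinel in the Azure portal". The first hunk kept the incoming side's content, so the two hunks resolve in opposite directions; confirm that dropping the Azure portal qualifier is intended, and if it is not, restore the incoming sentence so the recommendation is addressed to readers who are still on the Azure portal.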