Merge pull request #247589 from dcurwin/episode35

v-ccolin · web-flow · commit e4865590f847 · 2023-08-08T10:59:59.000+01:00
Episode 35
diff --git a/articles/defender-for-cloud/TOC.yml b/articles/defender-for-cloud/TOC.yml
@@ -860,7 +860,9 @@
     - name: Agentless Container Posture Management
       href: episode-thirty-three.md
     - name: Understanding the DevOps Threat Matrix
-      href: episode-thirty-four.md              
+      href: episode-thirty-four.md
+    - name: Security alert correlation
+      href: episode-thirty-five.md                 
   - name: Manage user data
     href: privacy.md
   - name: Microsoft Defender for IoT documentation
diff --git a/articles/defender-for-cloud/episode-thirty-five.md b/articles/defender-for-cloud/episode-thirty-five.md
@@ -0,0 +1,39 @@
+---
+title: Security alert correlation | Defender for Cloud in the Field 
+description: Security alert correlation
+ms.topic: reference
+ms.date: 08/08/2023
+---
+
+# Security alert correlation
+
+**Episode description**:  In this episode of Defender for Cloud in the Field, Daniel Davrayev joins Yuri Diogenes to talk about security alert correlation capability in Defender for Cloud. Daniel talks about the importance of have a built-in capability to correlate alerts in Defender for Cloud, how this saves time for SOC analysts to investigate alert and respond to potential threats. Daniel also explains how data correlation works and demonstrate how this correlation appears in Defender for Cloud dashboard as a security incident.
+
+<br>
+<br>
+<iframe src="https://aka.ms/docs/player?id=6573561d-70a6-4b4c-ad16-9efe747c9a61" width="1080" height="530" allowFullScreen="true" frameBorder="0"></iframe>
+
+- [00:00](/shows/mdc-in-the-field/security-alert-correlation#time=00m00s) - Intro
+- [02:15](/shows/mdc-in-the-field/security-alert-correlation#time=02m15s) - How Defender for Cloud handles alert prioritization
+- [04:29](/shows/mdc-in-the-field/security-alert-correlation#time=04m29s) - How Defender for Cloud can help with alert correlation
+- [07:05](/shows/mdc-in-the-field/security-alert-correlation#time=07m05s) - How Defender for Cloud creates alerts correlation
+- [09:06](/shows/mdc-in-the-field/security-alert-correlation#time=09m06s) - Does alert correlation works across different Defender for Cloud plans?
+- [11:42](/shows/mdc-in-the-field/security-alert-correlation#time=11m42s) - Demonstration
+
+## Recommended resources
+
+- [Learn more](https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/correlating-alerts-in-microsoft-defender-for-cloud/ba-p/3839209)
+- Subscribe to [Microsoft Security on YouTube](https://www.youtube.com/playlist?list=PL3ZTgFEc7LysiX4PfHhdJPR7S8mGO14YS)
+- Learn more about [Microsoft Security](https://msft.it/6002T9HQY)
+
+- Follow us on social media:
+
+  - [LinkedIn](https://www.linkedin.com/showcase/microsoft-security/)
+  - [Twitter](https://twitter.com/msftsecurity)
+
+- Join our [Tech Community](https://aka.ms/SecurityTechCommunity)
+
+## Next steps
+
+> [!div class="nextstepaction"]
+> [New AWS Connector in Microsoft Defender for Cloud](episode-one.md)
