unified-secops-platform/whats-new.md
Lines changed: 5 additions & 4 deletions
@@ -33,21 +33,22 @@ Microsoft Sentinel-powered threat intelligence has moved in the Defender portal
33
33
34
34
:::image type="content" source="media/whats-new/intel-management-navigation.png" alt-text="Screenshot showing new menu placement for Microsoft Sentinel threat intelligence.":::
35
35
36
-
Along with the new location, the enhanced management interface brings a streamlined process for creating individual threat intel with these key features:
36
+
Along with the new location, the management interface streamlines the creation and curation of threat intel with these key features:
37
37
38
38
- Define relationships as you create new STIX objects.
39
39
- Curate existing threat intelligence with the new relationship builder.
40
-
- Quickly create multiple objects by using the duplicate feature to copy the metadata from a new or existing threat intel object.
40
+
- Create multiple objects quickly by copying common metadata from a new or existing TI object with the duplicate feature.
41
+
- Use advanced search to sort and filter your threat intelligence objects without even writing a Log Analytics query.
41
42
42
-
Use advanced search to sort and filter your threat intelligence objects without even writing a Log Analytics query. For more information, see the following articles:
43
+
For more information, see the following articles:
43
44
44
45
-[Uncover adversaries with threat intelligence in Microsoft's unified SecOps platform](threat-intelligence-overview.md)
45
46
-[New STIX objects in Microsoft Sentinel](https://techcommunity.microsoft.com/blog/microsoftsentinelblog/announcing-public-preview-new-stix-objects-in-microsoft-sentinel/4369164)
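Review bot: The rewritten duplicate-feature bullet introduces the abbreviation "TI", which the visible lines never define, while the intro sentence says "threat intel" and the neighbouring bullets say "threat intelligence". Pick one term throughout, for example "from a new or existing threat intelligence object", so the list reads consistently. In the advanced search sentence that was moved into the list, "without even writing a Log Analytics query" reads cleaner without "even".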
Case management is the first installment of an end-to-end solution that provides seamless management of your security work. SecOps teams maintain security context, work more efficiently and respond faster to attacks when they manage case work without leaving the Defender portal. Here's the initial set of scenarios and features that CMSK supports.
51
+
Case management is the first installment of an end-to-end solution that provides seamless management of your security work. SecOps teams maintain security context, work more efficiently and respond faster to attacks when they manage case work without leaving the Defender portal. Here's the initial set of scenarios and features that case management supports.
51
52
52
53
- Define your own case workflow with custom status values
53
54
- Assign tasks to collaborators and configure due dates
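Review bot: Replacing "CMSK" in the last sentence of the case management paragraph fixes only this one occurrence, and the visible lines never expand that abbreviation, so search the rest of whats-new.md for it before merging. Since the paragraph is being touched anyway, consider adding the serial comma in "work more efficiently, and respond faster" to match the list punctuation used elsewhere in the sentence.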