You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: unified-secops-platform/whats-new.md
+7-17Lines changed: 7 additions & 17 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -22,31 +22,21 @@ This article lists recent features added into Microsoft's unified SecOps platfor
22
22
23
23
## January 2025
24
24
25
-
[SOC optimization updates for unified coverage management](#soc-optimization-updates-for-unified-coverage-management)
25
+
-[SOC optimization updates for unified coverage management](#soc-optimization-updates-for-unified-coverage-management)
26
26
27
27
### SOC optimization updates for unified coverage management
28
28
29
29
In workspaces enabled for unified security operations, SOC optimziations now support both SIEM and XDR data, with detection coverage from across Microsoft Defender services.
30
30
31
31
In the Defender portal, the **SOC optimizations** and **MITRE ATT&CK** pages also now provide extra functionality for threat-based coverage optimiations to help you understand the impact of the recommendations on your environment and help you prioritize which to implement first.
32
32
33
-
Enhancements on the SOC optimizations **Overview** page include:
33
+
Enhancements include:
34
34
35
-
- A **High**, **Medium**, or **Low** score for your current detection coverage. This sort of scoring can help you decide which recommendations to prioritize at a glance.
36
-
- An indication of the number of active Microsoft Defender products (services) out of all available products. This helps you understand whether there's a whole product that you're missing in your environment.
37
-
38
-
Optimizations on an optimization details side pane, shown when you drill down to a specific optimization, include:
39
-
40
-
- Detailed coverage analysis, including the number of user-defined detections, response actions, and products you have active
41
-
- Detailed spider charts that show your coverage across different threat categories, for both user-defined and out-of-the-box detections.
42
-
- An option to jump to the specific threat scenario in the **MITRE ATT&CK** page instead of viewing MITRE ATT&CK coverage only in the side pane.
43
-
- An option to **View full threat scenario** to drill down to even further details about the security products and detections available to provide security coverage in your environment.
44
-
45
-
Enhancements for **MITRE ATT&CK** functionality include:
46
-
47
-
- A new toggle to view coverage by threat scenario. If you've jumped to the **MITRE ATT&CK** page from either a recommendation details side pane or from the **View full threat scenario** page, the **MITRE ATT&CK** page is pre-filtered for your threat scenario.
48
-
49
-
- The technique details pane, shown on the side when you select a specific MITRE ATT&CK technique, now shows the number of active detections out of all available detections for that technique.
35
+
|Area | Details|
36
+
|-----|--------|
37
+
|**SOC optimizations Overview page**| - A **High**, **Medium**, or **Low** score for your current detection coverage. This sort of scoring can help you decide which recommendations to prioritize at a glance. <br><br>- An indication of the number of active Microsoft Defender products (services) out of all available products. This helps you understand whether there's a whole product that you're missing in your environment. |
38
+
|**Optimization details side pane**,<br> shown when you drill down to a specific optimization| - Detailed coverage analysis, including the number of user-defined detections, response actions, and products you have active. <br><br>- Detailed spider charts that show your coverage across different threat categories, for both user-defined and out-of-the-box detections. <br><br>- An option to jump to the specific threat scenario in the **MITRE ATT&CK** page instead of viewing MITRE ATT&CK coverage only in the side pane.<br><br><br>- An option to **View full threat scenario** to drill down to even further details about the security products and detections available to provide security coverage in your environment. |
39
+
|**MITRE ATT&CK page**| - A new toggle to view coverage by threat scenario. If you've jumped to the **MITRE ATT&CK** page from either a recommendation details side pane or from the **View full threat scenario** page, the **MITRE ATT&CK** page is pre-filtered for your threat scenario. <br><br>- The technique details pane, shown on the side when you select a specific MITRE ATT&CK technique, now shows the number of active detections out of all available detections for that technique. |
50
40
51
41
For more information, see [Optimize your security operations](/azure/sentinel/soc-optimization/soc-optimization-access?toc=%2Funified-secops-platform%2Ftoc.json&bc=%2Funified-secops-platform%2Fbreadcrumb%2Ftoc.json&tabs=defender-portal) and [Understand security coverage by the MITRE ATT&CK framework](/azure/sentinel/mitre-coverage).
0 commit comments