0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Security Orchestration, Automation, and Response for Security Analysts

You're reading from Security Orchestration, Automation, and Response for Security Analysts Learn the secrets of SOAR to improve MTTA and MTTR and strengthen your organization's security posture

Product type Paperback

Published in Jul 2023

Publisher Packt

ISBN-13 9781803242910

Length 338 pages

Edition 1st Edition

Tools

Microsoft Sentinel

Concepts

Cybersecurity

Author (1):

Benjamin Kovacevic

View More author details

Table of Contents (14) Chapters

Preface

1. Part 1: Intro to SOAR and Its Elements

2. Chapter 1: The Current State of Cybersecurity and the Role of SOAR FREE CHAPTER

3. Chapter 2: A Deep Dive into Incident Management and Investigation

4. Chapter 3: A Deep Dive into Automation and Reporting

5. Part 2: SOAR Tools and Automation Hands-On Examples

6. Chapter 4: Quick Dig into SOAR Tools

7. Chapter 5: Introducing Microsoft Sentinel Automation

8. Chapter 6: Enriching Incidents Using Automation

9. Chapter 7: Managing Incidents with Automation

10. Chapter 8: Responding to Incidents Using Automation

11. Chapter 9: Mastering Microsoft Sentinel Automation: Tips and Tricks

12. Index

Why subscribe?

13. Other Books You May Enjoy

Monitoring automation rules and playbook health

Microsoft Sentinel automation has a native way of monitoring the health of automation rules and playbook triggers. This monitoring can be enabled from the Settings page of Microsoft Sentinel, under Health monitoring.

Figure 5.42 – Microsoft Sentinel – Health Monitoring configuration

We need to enable the Automation diagnostic settings and send them to the Log Analytics workspace where Microsoft Sentinel is enabled.

Figure 5.43 – The Automation Health monitoring configuration wizard

These diagnostic settings will be saved in the SentinelHealth table in Microsoft Sentinel so that we can query statuses using KQL.

A sample KQL query that you can use to get this data is as follows:

SentinelHealth
| where SentinelResourceType in ("Playbook", "Automation rule")

Figure 5.44 – Querying the SentinelHealth table in the Microsoft...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Benjamin Kovacevic

Benjamin Kovacevic

Benjamin Kovacevic is a cyber-security enthusiast with hands-on experience with Microsoft XDR and SIEM platforms. Currently working with Microsoft Sentinel as a Product Manager, he is focusing on the SOAR component of the solution and working on new capabilities that will help SOCs improve their investigation and response. Benjamin is constantly working to improve his knowledge about cyber-security, as well as to share knowledge about Microsoft SOAR. He is the author of Microsoft Sentinel Automation training, as well as blog posts around tips and tricks to jump-start with Microsoft Sentinel Automation. Benjamin is originally from Bosnia and Herzegovina but currently resides in Ireland with his wife and son.

See other products by Benjamin Kovacevic

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m