Summary
In this chapter, we explored the concept of TI, the new terminology and solution options, and the concept of creating and sharing TI feeds as a community effort.
There are several options available for adding TI feeds into Azure Sentinel, and we know Microsoft is working to develop this even further. TI feeds will assist with the analysis and detection of unwanted behavior and potentially malicious activities. With many options to choose from, selecting the right feeds for your organization is an important part of configuring Azure Sentinel.
The next chapter introduces the Kusto Query Language (KQL), which is the powerful means to search all data collected for Azure Sentinel, including the TI data we just added.