You're reading from Microsoft 365 Security, Compliance, and Identity Administration Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

Product type Paperback

Published in Aug 2023

Publisher Packt

ISBN-13 9781804611920

Length 630 pages

Edition 1st Edition

Concepts

System Administration

Author (1):

Peter Rising

View More author details

Table of Contents (25) Chapters

Preface

1. Part 1: Implementing and Managing Identity and Access FREE CHAPTER

2. Chapter 1: Planning for Hybrid Identity

3. Chapter 2: Authentication and Security

4. Chapter 3: Implementing Conditional Access Policies

5. Chapter 4: Managing Roles and Identity Governance

6. Chapter 5: Azure AD Identity Protection

7. Part 2: Implementing and Managing Threat Protection

8. Chapter 6: Configuring a Microsoft Defender for Identity Solution

9. Chapter 7: Configuring Device Threat Protection with Microsoft Defender for Endpoint and Intune

10. Chapter 8: Configuring Microsoft Defender for Office 365

11. Chapter 9: Using Microsoft Sentinel to Monitor Microsoft 365 Security

12. Chapter 10: Configuring Microsoft Defender for Cloud Apps

13. Part 3: Implementing and Managing Information Protection

14. Chapter 11: Managing Sensitive Information

15. Chapter 12: Managing Microsoft Purview Data Loss Prevention

16. Chapter 13: Managing Microsoft Purview Data Lifecycle Management

17. Part 4: Managing Compliance Features in Microsoft 365

18. Chapter 14: Monitoring and Analyzing Audit Logs and Reports in Microsoft Purview

19. Chapter 15: Planning For, Conducting, and Managing eDiscovery Cases

20. Chapter 16: Managing Regulatory and Privacy Requirements

21. Chapter 17: Managing Insider Risk Solutions in Microsoft 365

22. Answers

23. Index

Why subscribe?

24. Other Books You May Enjoy

Configuring playbooks in Microsoft Sentinel

In Microsoft Sentinel, playbooks are collections of responses and actions that can be run like a routine. Playbooks automate and orchestrate threat responses and can be integrated with other systems, both internal and external. They can be configured to run manually or automatically in response to specific alerts or incidents. An example of an automated trigger for a playbook is an automation rule.

Automation rules enable users to centrally manage incident automation. This includes the ability to assign playbooks to incidents and automate responses for multiple analytics rules at once. Additionally, you can automatically tag, assign, or close incidents without requiring a playbook. You can also control the order of the actions executed.

Playbooks are based on Azure Logic Apps. Microsoft Sentinel can leverage the following logic app types:

Consumption: This is the more classic Azure Logic Apps experience
Standard: This is...

The rest of the chapter is locked

You're reading from Microsoft 365 Security, Compliance, and Identity Administration Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

Table of Contents (25) Chapters

Configuring playbooks in Microsoft Sentinel

Authors (1)

Personalised recommendations for you

You're reading from Microsoft 365 Security, Compliance, and Identity Administration Plan and implement security and compliance strategies for Microsoft 365 and hybrid environments

Table of Contents (25) Chapters

Configuring playbooks in Microsoft Sentinel

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you