Threat Response with Azure Sentinel Playbooks

Azure Sentinel as a SIEM & SOAR solution

Azure Sentinel is known for its Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) solution, which is designed especially for hybrid environments. It makes extensive use of built-in and custom detections to alert you to potential security threats, such as attempts to access Contoso's resources from outside its infrastructure or data from Contoso appearing to be sent to a known malicious IP address. It also creates incidents based on these alerts.

Azure Sentinel Playbooks

Security playbooks are collections of procedures, based on Azure Logic Apps, that run in response to an alert. You can run a playbook manually while investigating an incident, or you can configure an alert to run a playbook automatically. The ability to respond to incidents automatically also allows you to automate some of your security operations and make your Service Orga...