If you are like me, you are probably excited by how fast Azure Sentinel has grown. This means more capabilities, functions and integrations to work with. So with all that power, how do I build a SOC and operationalize my Security Operations to keep up? At long last, there is a new Workbook to help you do just that.

I have spent over a decade helping to build SOCs, and together at Microsoft my team of GBBs built a SOC Process Framework Workbook that combines SOC industry standards and best practices and applies them to Azure Sentinel.

A special thanks to my team members who helped me on this project (Clive Watson, Beth Bischoff, Chuck Enstall, Josh Heizman, Matthew Littleton). Each one of you brought a wealth of knowledge and a unique perspective.

It is recommended that you have a working instance of Azure Sentinel to get the full benefit of the SOC Process Framework Workbook, but the workbook will deploy regardless of your available log sources.

Follow the steps below to enable the workbook:

Requirements: Azure Sentinel Workspace and Security Reader rights.

1) From the Azure portal, navigate to Azure Sentinel.
3) Search SOC Process Framework and select Save to add to My Workbooks.

NOTE: If the workbook is not yet available in your Azure Sentinel Workbook Templates, you can pull down a copy by going to my GitHub repo: and simply open a New Workbook and paste in the Gallery Code.

If you need steps on manually deploying the workbook after copying the code from GitHub, I suggest following the instructions from this article, which has them outlined.

There are 14 Processes and 36 Procedures broken down in detail to help deliver a comprehensive start to operationalizing Azure Sentinel and applying a SOC methodology.

[Figure: Working Example of SOC Process Framework Workbook]