Security alert correlation
Episode description: In this episode of Defender for Cloud in the Field, Daniel Davrayev joins Yuri Diogenes to talk about security alert correlation capability in Defender for Cloud. Daniel talks about the importance of have a built-in capability to correlate alerts in Defender for Cloud, how this capability saves time for SOC analysts to investigate alert and respond to potential threats. Daniel also explains how data correlation works and demonstrate how this correlation appears in Defender for Cloud dashboard as a security incident.
- 00:00 - Intro
- 02:15 - How Defender for Cloud handles alert prioritization
- 04:29 - How Defender for Cloud can help with alert correlation
- 07:05 - How Defender for Cloud creates alerts correlation
- 09:06 - Does alert correlation works across different Defender for Cloud plans?
- 11:42 - Demonstration
Recommended resources
Subscribe to Microsoft Security on YouTube
Learn more about Microsoft Security
Follow us on social media:
Join our Tech Community
Next steps
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for