Episode

Security Alert Correlation | Defender for Cloud in the Field

In this episode of Defender for Cloud in the Field, Daniel Davrayev joins Yuri Diogenes to talk about security alert correlation capability in Defender for Cloud. Daniel talks about the importance of have a built-in capability to correlate alerts in Defender for Cloud, how this saves time for SOC analysts to investigate alert and respond to potential threats. Daniel also explains how data correlation works and demonstrate how this correlation appears in Defender for Cloud dashboard as a security incident.

Chapters

00:00 - Intro
02:15 - How Defender for Cloud handles alert prioritization
04:29 - How Defender for Cloud can help with alert correlation
07:05 - How Defender for Cloud creates alerts correlation
09:06 - Does alert correlation works across different Defender for Cloud plans?
11:42 - Demonstration

Recommended resources

Learn more
Subscribe to Microsoft Security on YouTube
Join our Tech Community
For more about Microsoft Security

Connect

Microsoft Security | Twitter: @msftsecurity | LinkedIn: /in/microsoft-security

Chapters

00:00 - Intro
02:15 - How Defender for Cloud handles alert prioritization
04:29 - How Defender for Cloud can help with alert correlation
07:05 - How Defender for Cloud creates alerts correlation
09:06 - Does alert correlation works across different Defender for Cloud plans?
11:42 - Demonstration

Recommended resources

Learn more
Subscribe to Microsoft Security on YouTube
Join our Tech Community
For more about Microsoft Security

Connect

Microsoft Security | Twitter: @msftsecurity | LinkedIn: /in/microsoft-security