This helps protect our community. Learn more

Use Watchlist to Manage Alerts, Reduce Alert Fatigue, and Improve SOC Efficiency

33.9K subscribers

5K views 3 years ago #Watchlist #MicrosoftSentinel

Tuesday, March 29, 2022 | 08:00AM – 9:00AM (PST, Redmond Time) Microsoft Sentinel Webinar | Use Watchlist to Manage Alerts, Reduce Alert Fatigue, and Improve SOC Efficiency Presenter(s): Cristhofer Romeo Muñoz, Jing Nghik, & Innocent Wafula Description: In this webinar, we will show you how watchlists could be leveraged to improve your overall SOC efficiency by helping reduce alert fatigue. We will go over some use cases to help articulate how watchlists could be used to reduce the overall number of false positives, filter out noisy events, suppress alerts generated internally by testing and red teaming, help map alerts/incidents to prioritize them during remediation, and even surface insider risks where maybe you typically wouldn't alert on To ensure you hear about future Microsoft Sentinel webinars and other developments, make sure you join our community by going to https://aka.ms/SecurityCommunity #MicrosoftSentinel #Watchlist #SOCefficiency

...more

These chapters are auto-generated

Use Watchlist to Manage Alerts, Reduce Alert Fatigue, and Improve SOC Efficiency

66Likes

5,060Views

2022Mar 29

Intro

0:00

Prioritize incidents

5:08

Import business data

13:24

Reduce Alert Fatigue

20:53

Transcript

Follow along using the transcript.

Microsoft Security Community

33.9K subscribers

Use Watchlist to Manage Alerts, Reduce Alert Fatigue, and Improve SOC Efficiency

Chapters View all

Intro

Intro

Intro

Prioritize incidents

Prioritize incidents

Prioritize incidents

Import business data

Import business data

Import business data

Reduce Alert Fatigue

Reduce Alert Fatigue

Reduce Alert Fatigue

Enrich Event Data

Enrich Event Data

Enrich Event Data

Microsoft Security

Microsoft Security

Microsoft Security

Microsoft Security Community

Use Watchlist to Manage Alerts, Reduce Alert Fatigue, and Improve SOC Efficiency

Comments 4

Chapters

Intro

Intro

Intro

Prioritize incidents

Prioritize incidents

Prioritize incidents

Import business data

Import business data

Import business data

Reduce Alert Fatigue

Reduce Alert Fatigue

Reduce Alert Fatigue

Enrich Event Data

Enrich Event Data

Enrich Event Data

Microsoft Security

Microsoft Security

Microsoft Security

Description

Chapters View all

Intro

Intro

Intro

Prioritize incidents

Prioritize incidents

Prioritize incidents

Import business data

Import business data

Import business data

Reduce Alert Fatigue

Reduce Alert Fatigue

Reduce Alert Fatigue

Microsoft Security Community

Transcript

The Advanced Security Information Model (ASIM)

How to Use Watchlists to Reduce Alert Fatigue [Microsoft Sentinel Demo]

Microsoft Sentinel in just 30 minutes

Simplify MFA Compliance with FIDO2 Security Keys

Introduction in Microsoft Sentinel Watch Lists

Cybersecurity Trends for 2025 and Beyond

What's New in Microsoft Sentinel and the Unified Security Operations Platform

Cheating Expert Answers Casino Cheating Questions | Tech Support | WIRED

OAuth 2.0 and OpenID Connect (in plain English)

build your own cloud

AI AGENTS EMERGENCY DEBATE: These Jobs Won't Exist In 24 Months! We Must Prepare For What's Coming!

Crush SOC Analyst Alert Fatigue! (Integrations with Automations)

Secure Your Servers with Microsoft's Server Protection Solution

Pegasus Spyware: so dangerous that it should be banned? OTW explains...

Microsoft Sentinel for Beginners | Full Hands-on Security Masterclass

eDiscovery New User Experience and Retirement of Classic

Trump Mother's Day Cold Open - SNL

Getting started with Microsoft Sentinel Analytics Rules (Cybersecurity Usecases) (2023 edition)

Phishing Defenses: Top Cybersecurity Strategies to Protect Your Data

Trump on Upholding Constitution: "I Don't Know" | The Daily Show

Chapters

Chapters