February 25, 2024 - Microsoft Sentinel - our SIEM and SOAR Solution - has several methods to import your own threat intelligence data (BYOTI) or simply integrate the Microsoft D...

Many SOAR integrations can be deployed as part of a Microsoft Sentinel solution, together with related data connectors, analytics rules and workbooks. For more information, see the Microsoft Sentinel solutions catalog. More integrations are provided by the Microsoft Sentinel community and can be found in the GitHub repository.

This article displays and details the content provided by Microsoft Sentinel for security orchestration, automation, and response (SOAR), including playbooks and Logic Apps connectors.

This repo presents the collection of links to get you started with Microsoft Sentinel SIEM and SOAR capabilities - sjkaursb93/microsoftSentinelLearningCollection

You can also submit to issues for ... Sentinel. This repository welcomes contributions and refer to this repository's wiki to get started. For questions and feedback, please contact [email protected] ... We value your feedback. Here are some channels to help surface your questions or feedback: General product specific Q&A for SIEM and SOAR - Join in ...

Learn about Microsoft Sentinel's SOAR capabilities, including Automation Rules and Playbooks. Explore several OOB Playbooks, Community Playbooks, as well as ...

Contribute to splunk-soar-connectors/mssentinel development by creating an account on GitHub.

Learn about Microsoft Sentinel, a scalable, cloud-native SIEM and SOAR that uses AI, analytics, and automation for threat detection, investigation, and response.

Learn how to identify SOAR use cases, and how to migrate your ArcSight SOAR automation to Microsoft Sentinel.

When upgrading from a previous ... section. The documentation on it’s use is in App Configuration. ... This app allows bi-directional synchronization between IBM SOAR and Microsoft Sentinel....

Microsoft Sentinel has an official repository with lots of content available that is ready to be deployed. The link to the official repository is https://github.com/Azure/Azure-Sentinel.

Learn more about Microsoft sentinel OOTB Content Centralization changes · This is a unified community for Microsoft SIEM, SOAR and XDR products. This community integrates the Microsoft Sentinel and Microsoft 365 Defender products.

Sentinel SOAR Essentials Solution · Send Microsoft Teams adaptive card on incident creation · Send-Teams-adaptive-card-on-incident-creation · Sentinel SOAR Essentials Solution · Blocking playbooks are triggered when an alert or incident is created, gather entity information like the account, IP address, and host, and blocks them from further actions: Playbook ·

Protecting MSSP Intellectual Property in Microsoft Sentinel · MustLearnKQL Blog Series · KQL Search · SQL to KQL Cheat Sheet · Community: SOAR Capabilities in Microsoft Sentinel · STAT – The Microsoft Sentinel Triage Assistant (STAT) uses modular playbooks and a Logic App Custom Connector to simplify the process through reusable content ·

Instead of hiring more security operations staff to react and handle alerts, our solution incorporates Microsoft Sentinel’s Security Orchestration, Automation and Response (SOAR) feature to reduce the workload on security teams and mitigate threats by acting proactively using automation based ...

Filter by Product Type = Solution Templates to see solutions for Microsoft Sentinel. The following table lists the domain-specific out-of-the-box (built-in) and on-demand solutions available for you to deploy in your workspace. ... Application, Security - Automation (SOAR), Security - Threat Protection, Security - Vulnerability Management

Many SOAR integrations can be deployed as part of a Microsoft Sentinel solution, together with related data connectors, analytics rules and workbooks. For more information, see the Microsoft Sentinel solutions catalog. More integrations are provided by the Microsoft Sentinel community and can be found in the GitHub repository.

July 28, 2025 - A practical introduction to cloud-native SIEM and SOAR with Microsoft Sentinel.

Review which Microsoft Sentinel or Azure Logic Apps features map to the main Splunk SOAR components. Most of the playbooks that you use with Microsoft Sentinel are available in either the Automation > Templates tab, the Content hub catalog, or GitHub.

Learn about Microsoft Sentinel security orchestration, automation, and response (SOAR) capabilities and components, including automation rules and playbooks.