Using the Trend XDR – Microsoft Sentinel integration is an excellent way to connect additional sources of telemetry data and add them to your corporate instance of Microsoft Sentinel for SIEM and SOAR capabilities.
I discovered this article this morning in my feed and thought it would be great to share, as it is a good integration story between platforms and shows how we in cyber like to talk about layers or depth in security through using different vendors to provide protection.
Microsoft Sentinel is an excellent tool for security analysts to review data for signs of compromise and build playbooks that automate the response to a cyber incident using the information provided by connected telemetry sources, in this case the Trend XDR platform.
Microsoft Sentinel looks difficult to the beginner, but give the platform some time. Sentinel uses Kusto Query Language (KQL) for building queries to review the stored data, so if you are familiar with Structured Query Language (SQL), as used by Microsoft SQL Server and similar products, you will easily understand KQL. If not, it is easy to pick up some starting skills from YouTube, and from playbooks and other material on GitHub.
All organisations have an investment in cyber security products and solutions for their business, and if you are still using them it is safe to assume they do what you need them to do: provide security for your business.
Integrations like this one, from Trend XDR to Microsoft Sentinel, are an excellent way to keep operational costs low while uplifting and enhancing your security capabilities.
Chat with us if you would like any help here or leave a comment in the comments section below.