MISP threat intelligence in Azure Sentinel & MDATP ‘IoC’ feature
This blog is about integrating MISP² threat intelligence into Azure Sentinel¹ and Microsoft Defender ATP³ to search for IoCs (Indicators of Compromise, e.g. IP addresses, domain names, hashes, etc.) in all connected log sources (data collections), in order to detect the presence of threats and automate the response (block).

¹ Microsoft Azure Sentinel is the cloud-native SIEM solution from Microsoft, which …