Not a user yet?
Log in Register for free Suggest a product
Update

Link to incident feature in Microsoft Defender

Defender XDRDefender XDR
Microsoft
Update from patrick-devicebaseUpdate from:
patrick-devicebase (expert)

December 2024 Update

  • (Preview) The Link to incident feature in Microsoft Defender advanced hunting now allows linking of Microsoft Sentinel query results. In both the Microsoft Defender unified experience and in Defender XDR advanced hunting, you can now specify whether an entity is an impacted asset or related evidence.
  • (Preview) In advanced hunting, Microsoft Defender portal users can now use the adx() operator to query tables stored in Azure Data Explorer. You no longer need to go to log analytics in Microsoft Sentinel to use this operator if you are already in Microsoft Defender.
  • New documentation library for Microsoft's unified security operations platform. Find centralized documentation about Microsoft's unified SecOps platform in the Microsoft Defender portal. Microsoft's unified SecOps platform brings together the full capabilities of Microsoft Sentinel, Microsoft Defender XDR, Microsoft Security Exposure Management, and generative AI into the Defender portal. Learn about the features and functionality available with Microsoft's unified SecOps platform, then start to plan your deployment.
Version: December 2024 Update Link
More updatesTo the product
Receive Important Update Messages Stay tuned for upcoming Microsoft Defender XDR updates

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad