Azure / Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.
https://azure.microsoft.com/en-us/services/azure-sentinel/
MIT License
4.37k stars 2.89k forks

Microsoft Graph Activity Logs - Suspicious TI-IP Address Detection #10708

Open ibztek opened 6 days ago

ibztek commented 6 days ago

I'm trying to correlate TI - IP with activities in Graph. Could that be a good detection? Or what is a better way to protect activities in Microsoft Graph?