MDCA - Compare user investigation priority to top users

briandelmsft / STAT-Function

Azure Function for the Microsoft Sentinel Triage AssistanT (STAT)

https://aka.ms/mstat

MIT License

9 stars 1 forks source link

MDCA - Compare user investigation priority to top users #44

Closed briandelmsft closed 1 year ago

briandelmsft commented 1 year ago

In the MDCA module compare the current entities to the max / top 10/50/100? investigation priorities in the tenant to provide a relative sense of the users investigation priority.