briandelmsft / SentinelAutomationModules

The Microsoft Sentinel Triage AssistanT (STAT) enables easy-to-create incident triage automation in Microsoft Sentinel
MIT License

[Feature] Add scoring support - UEBA module #319

Closed briandelmsft closed 1 year ago

briandelmsft commented 2 years ago

Use a similar approach to the MCAS module: entities that exceed the threshold. The UEBA module may need an update to pass the count of entities exceeding the threshold.