What Happens When You Pair World-Class Internet Intelligence with Microsoft’s Sentinel SIEM?
In a traditional SIEM, you can collect information on security events (both in real-time and historical data) and an array of additional contextual data sources. But even with this amount of information, is it enough to develop the bigger picture or show correlations where it may seem like there are none?
The latest integration between DomainTools and Microsoft Sentinel allows users to access the industry’s leading domain and passive DNS databases to develop insights and create context around adversary assets, giving you a deeper understanding around Sentinel Incidents that include domain names. Armed with this context, your team will be in a better position to respond to potential incidents, or defend ahead of emerging threat campaigns.
In this webinar, you’ll learn:
- How DomainTools Iris and Farsight DNSDB can enrich Incidents in Microsoft Sentinel
- Use cases for specific playbooks
- What kind of data can be obtained
- How your team can take specific next steps as a result of the information gained
Join Dan Nunes, VP of Product Strategy and Technical Partnerships and Tim Helming, Security Evangelist, for this one-hour webinar, including a demo and time for Q&A.
