Source Zero

The Source Zero platform is a community of Optiv’s skilled individuals doing research and sharing their expertise. The Source Zero Tools are resources that provide actionable support and demonstrations around research initiatives.

Microsoft Defender ATP Telemetry: Workbook Visualizations (Part 3)

June 11, 2020

Part 3 of series: Prioritizing Microsoft Defender ATP endpoint alert telemetry with MITRE ATT&CK.

See Details

Blog

Microsoft Defender ATP Telemetry: Azure Log Analytics Workspace (Part 2)

June 11, 2020

This post demonstrates how to pull DATP data into Azure Log Analytics workspaces using a Logic App.

See Details

Blog

Microsoft Defender ATP Telemetry: Viewing MITRE ATT&CK Context (Part 1)

June 11, 2020

This post helps prioritize efforts based on alert information you're already receiving from Microsoft #Defender #ATP.

See Details

Blog

No license, express or implied, to any intellectual property or other content is granted or intended hereby.
This blog is provided to you for information purposes only. While the information contained in this site has been obtained from sources believed to be reliable, Optiv disclaims all warranties as to the accuracy, completeness or adequacy of such information.
Links to third party sites are provided for your convenience and do not constitute an endorsement by Optiv. These sites may not have the same privacy, security or accessibility standards.
Complaints / questions should be directed to Legal@optiv.com

OPTIV/SOURCE ZERO

Microsoft Defender ATP Telemetry: Workbook Visualizations (Part 3)

Microsoft Defender ATP Telemetry: Azure Log Analytics Workspace (Part 2)

Microsoft Defender ATP Telemetry: Viewing MITRE ATT&CK Context (Part 1)