Generate report of Microsoft Sentinel Analytic rules that can be updated.

Introduction I have heard from many people that they would like to be able to see which rules need to be updated. There is currently no easy way to do this in the Microsoft Sentinel portal. You can go through each page and see which ones have the “Update Available” tag in the name, but […]

Create a Word Document report from a Microsoft Sentinel Incident

Introduction I recall reading a post where someone asked if there was a way to generate a word document when an incident was closed for reporting purposes. There is no built-in way, but by using a Playbook, a Team’s site (or other SharePoint site), and a Word template, you can do this. The Playbook, Word […]