From 3fb1e785ef47a03649725c4e85843d52dca4ca36 Mon Sep 17 00:00:00 2001 From: Avinash Iyer Date: Wed, 10 Nov 2021 15:43:48 -0800 Subject: [PATCH] Updated Azure Sentinel to Microsoft Sentinel --- Workbooks/ThreatIntelligence.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Workbooks/ThreatIntelligence.json b/Workbooks/ThreatIntelligence.json index 123ab10c1b..e63e4a037a 100644 --- a/Workbooks/ThreatIntelligence.json +++ b/Workbooks/ThreatIntelligence.json @@ -139,7 +139,7 @@ { "type": 1, "content": { - "json": "# Threat Intelligence Workbook\n---\n\nWelcome to the Threat Intelligence Workbook. The workbook provides a guided threat intelligence experiene for researching threats, aligning Microsoft telemetry with indicators of compromise, and developing threat intelligence programs. Within a Security Information and Event Management (SIEM) solution like Azure Sentinel, the most commonly used form of CTI is threat indicators, also known as Indicators of Compromise or IoCs. Threat indicators are data that associate observed artifacts such as URLs, file hashes, or IP addresses with known threat activity such as phishing, botnets, or malware. This form of threat intelligence is often called tactical threat intelligence because it can be applied to security products and automation in large scale to detect potential threats to an organization and protect against them. In Azure Sentinel, you can use threat indicators to help detect malicious activity observed in your environment and provide context to security investigators to help inform response decisions. For more information, see ✳️ [Understand Threat Intelligence in Azure Sentinel](https://docs.microsoft.com/azure/sentinel/understand-threat-intelligence).\n" + "json": "# Threat Intelligence Workbook\n---\n\nWelcome to the Threat Intelligence Workbook. The workbook provides a guided threat intelligence experiene for researching threats, aligning Microsoft telemetry with indicators of compromise, and developing threat intelligence programs. Within a Security Information and Event Management (SIEM) solution like Microsoft Sentinel, the most commonly used form of CTI is threat indicators, also known as Indicators of Compromise or IoCs. Threat indicators are data that associate observed artifacts such as URLs, file hashes, or IP addresses with known threat activity such as phishing, botnets, or malware. This form of threat intelligence is often called tactical threat intelligence because it can be applied to security products and automation in large scale to detect potential threats to an organization and protect against them. In Microsoft Sentinel, you can use threat indicators to help detect malicious activity observed in your environment and provide context to security investigators to help inform response decisions. For more information, see ✳️ [Understand Threat Intelligence in Microsoft Sentinel](https://docs.microsoft.com/azure/sentinel/understand-threat-intelligence).\n" }, "conditionalVisibility": { "parameterName": "Help", @@ -160,7 +160,7 @@ "value": "Yes" }, "customWidth": "20", - "name": "Azure Sentinel Logo" + "name": "Microsoft Sentinel Logo" }, { "type": 11,