Microsoft has launched a new dashboard to enhance threat intelligence reporting capabilities.
- The dashboard provides a user-friendly interface for accessing and analyzing threat intelligence data.
- The solution requires certain prerequisites, such as enabling the Defender TI API license and creating an application with the necessary permissions.
- The solution deploys resources including Azure function, Key vault, and Workbook.
- The workbook provides different features, including Sentinel Incident View, Hostname Information, IP Information, Defender TI Articles, Vulnerabilities Information, and Intel Profiles.
- The workbook is designed to assist SOC analysts, threat hunters, and SOC operators in having a comprehensive view of adversaries and identifying potential threats.
- The workbook allows users to search and retrieve information related to indicators of compromise (IOCs), hostnames, IP addresses, Defender TI articles, vulnerabilities, and intel profiles.
