From the cloud providers
What's New: Azure Sentinel - SOC Process Framework Workbook
The Get-SOCActions Playbook with "SocRA" Watchlist gives SOCs the ability to onboard SOC Actions for their Analysts to follow that snap to the SOC Process Framework Workbook. As they onboard Use-Cases and apply triage steps, this playbook can then be run to add those steps to the Incident for an Analyst to follow to closure.
|