Update to Microsoft Sentinel’s Technical Playbook for MSSPs is now available (v1.5.1)

Posted by

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.

Special thanks:      for all the content and reviews you contributed.

 

Today, we are announcing version 1.5.1 of the MSSP playbook. The technical playbook provides guidance in deploying and managing Microsoft Sentinel with a focus on MSSP or large organizations and institutions who operate security operations within environments requiring multi-tenant architectures. The playbook addresses topics like efficient customer onboarding, scaling SOC operations, managing the MSSP intellectual property, accessing the customer’s workspaces/environments and optimizing system administration costs. Since the last version, there have been some significant feature updates to Microsoft Sentinel that need to be included in the playbook. Some of these updates in this version include:

  • Repositories to deploy custom content
  • Codeless connector platform
  • Ingestion time transformation
  • Normalization and ASIM
  • Sentinel health
  • New long term storage using Archive
  • Search and Restore for Archived logs
  • Basic logs tier

To download the latest updates to the MSSP playbook version click here https://aka.ms/mssentinelmssp.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.