Azure WAF Notebook for Microsoft Sentinel

Posted by

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.

Azure Web Application Firewall (Azure WAFdetects SQLI attacks and applies block mitigations by default. In certain instances, this could be a false positive that requires investigation and creation of Azure WAF exclusions. In order to complete a successful investigation, full context about the attack is needed and a process that guides you through the investigation is required. Such a guided investigation process is automated in this Microsoft Sentinel Notebook and allows you to tune Azure WAF policy with minimal user interaction.

This Notebook analyzes SQL injection attacks on Azure WAF integrated with Azure Front Door premium and implements automated exclusions.

This notebook is released in preview.

You can find step-by-step instructions on how to use the Notebook here:


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.