![]() ![]() Don’t underestimate your value and your place in this process! Just the simple act of doing this and doing it correctly, you are massively improving the accuracy and intelligence of the product. By using the Closed classifications, selecting the correct ones, and providing proper commenting feedback, you are not just helping yourself, but you’re helping all Azure Sentinel customers. By selecting the appropriate classification, you are helping the product team which, in turn, helps you because it makes Azure Sentinel better.Īnd, can I take a brief moment here? THIS IS IMPORTANT. With this in mind, selecting classifications and the definitions behind each classification makes more sense – particularly the false positive selections. In the future, there may also be additional functionality for Incident confidence and rule tuning suggestions, among other things. The classification is used to limit false positives as much possible. The first thing to understand is that when you assign the appropriate classification, the data is used by the product team to improve the out of the box (OOTB) detections. ![]() Before digging into the definitions and recommendations for each classification, its important to understand the reasoning behind each classification. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |