This is so freaking cool! If you ingest sysmon or other data for a device, you can get a unified timeline view on the device in the Defender portal when you integrate Sentinel 🔥 Just showed up in my tenant :) techcommunity.micros... - ThreadSky | a Reddit-style client for Bluesky

nathanmcnulty.com • 26 days ago

This is so freaking cool! If you ingest sysmon or other data for a device, you can get a unified timeline view on the device in the Defender portal when you integrate Sentinel 🔥

Just showed up in my tenant :)

https://techcommunity.microsoft.com/blog/microsoftsentinelblog/introducing-the-unified-device-timeline-experience-in-microsoft-siem--xdr/4372047

Comments