Get Smarter with Entity Correlation + RBA in Sentinel

November 7, 2024

Enhance threat detection in Microsoft Sentinel by implementing Entity Correlation with Risk-Based Alerting (RBA). This setup dials down the noise and dials up the accuracy by tagging key entities and stacking risk scores, making sure your team zeroes in on what matters most.

Join Detection Engineers Micah Funderburk and Alex Stemaly as they break down their RBA success story in Sentinel—packed with insights, tips, and the best moves to help your SOC catch threats faster and smarter.

Micah Funderburk

Sr. Detection Engineer, LastPass

Alex Stemaly

Sr. Detection Engineer, LastPass

Alex Hurtado

Detection Dispatch Host, Anvilogic

Additional Resources

Launch the Snowflake Lab

Anvilogic for Snowflake

How Detection Content Combat Threats in the SOC

Podcast

Episode 36: Get Smarter with Entity Correlation + RBA in Sentinel

More Episodes

October 31, 2024

#35 So What Does a Detection Engineer Actually Do?

Join Alex and Chris Black, Senior Detection Engineer at NBC Universal, as they take you inside the dynamic world of detection engineering and explore why it just might be the coolest job you’ve never heard of–our parents for sure never have.

Watch Now and Get the Giveaway

October 24, 2024

#34 The Threat Hunting & Alerting Secret Sauce

In this episode, Alex sits down with a seasoned cybersecurity expert from Expel Security to explore what makes a good alert and how to avoid drowning in a sea of irrelevant notifications.

Watch Now and Get the Giveaway

October 17, 2024

#33 Data-Driven Paths: Breaking Into Cybersecurity in the Age of Security Data Lakes and Silos

In this episode, we dive into the evolving world of cybersecurity with Reanna Schultz and how the rise of security data lakes is reshaping the skills needed to succeed.

Watch Now and Get the Giveaway