Azure Sentinel Webinar: Fusion ML Detections with Scheduled Analytics Rules

Azure Sentinel leverages machine learning technology called Fusion to automatically detect multistage attacks by identifying combinations of anomalous behaviors and suspicious activities that are observed at various stages of the kill-chain. On the basis of these discoveries, Azure Sentinel generates incidents that would otherwise be difficult to catch. These incidents comprise two or more alerts or activities.

By design, these incidents are low-volume, high-fidelity, and high-severity. To help you discover threats and anomalous behaviors that are more tailored to your environment, Fusion can now detect 32 new multi-stage attack scenarios leveraging a set of scheduled analytics rules. In this webinar, we will walk you through how Fusion works with the scheduled analytics rules, how to create and configure the scheduled rules, and how to investigate incidents created by Fusion.

2:35 – Introduction
3:52 – Fusion Overview
11:26 – Demo
23:45 – Fusion ML Detection for Ransomware
32:48 – Demo
34:59 – Resources/Q&A/Outro

Learn More at https://aka.ms/SecurityCommunity

#MicrosoftSecurity