Storage aggregated logs in XDR's Advanced Hunting | Defender for Cloud in the Field #64

In this episode of Defender for Cloud in the Field, Lior Tsalovich joins Yuri Diogenes to talk about Storage aggregated logs in XDR's Advanced Hunting. Lior explains the new CloudStorageAggregatedEvents table available in Microsoft Defender XDR’s Advanced Hunting experience. She explains how aggregated storage activity logs can help SOC Teams during an investigation. Lior also demonstrates how to use Defender XDR advanced hunting to query data using CloudStorageAggregatedEvents table.

Time Stamps:
01:20 - Current challenges faced by SOC Teams and how this feature helps
02:50 - Storage investigation gaps addressed by this solution
05:09 - Data aggregation and enhancement
06:16 - Other scenarios covered by this feature
08:42 - Demonstration

Learn more: https://msft.it/6059sU2lT

#Microsoft #MicrosoftSecurity