You have an Azure subscription that contains a Microsoft Sentinel workspace named WS1.
You create a hunting query that detects a new attack vector. The attack vector maps to a tactic listed in the MITRE ATT&CK database.
You need to ensure that an incident is created in WS1 when the new attack vector is detected.
What should you configure?
OneplusOne
2 months, 3 weeks agosapphire
9 months, 1 week ago12369b6
9 months, 2 weeks ago90158a0
1 year, 1 month ago