Zum Hauptinhalt wechseln


Liza Mash Levin

Senior Program Manager Lead, Azure Sentinel team

Latest posts

Showing 1 – 3 of 3 posts found

Published • 2 min read

Machine Learning powered detections with Kusto query language in Azure Sentinel 

As cyberattacks become more complex and harder to detect. The traditional correlation rules of a SIEM are not enough, they are lacking the full context of the attack and can only detect attacks that were seen before. This can result in false negatives and gaps in the environment. In addition, correlation rules require significant maintenance and customization since they may provide different results based on the customer environment.