Easily find anomalies in incidents and alerts

Published May 09 2021 11:54 PM
Microsoft

The Microsoft 365 security Home page and Incidents page now include a trend graph of all the incidents and alerts over the last 24 hours.

This enables you to easily find spikes in your environment and tell if there is anything abnormal happening.

 


 

The new incidents trend graph view also lets you determine whether there are several alerts for a single incident or whether your organization is under attack with several different incidents.

 

For example, a will usually generate a lot of alerts in your organization and all of them will be related to the same incident. Seeing that there are hundreds of alerts over time related to the same incident can help you understand that there is an emerging attack that is growing so that you can prioritize your incident response.
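The triage distinction described above, as an added example (not Microsoft's code and not how the portal builds its graph): constructed `(timestamp, incident id)` alert records are bucketed into 24 hourly bins, and each spike is labelled by whether a single incident dominates it. The record shape, thresholds and function names are assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone
from statistics import median

NOW = datetime(2021, 5, 9, 12, 0, tzinfo=timezone.utc)  # constructed reference time

def build_sample(now):
    """Constructed data: light background noise plus two different kinds of spike."""
    start = now - timedelta(hours=24)
    alerts = [(start + timedelta(hours=h, minutes=5), f"bg-{h}") for h in range(24)]
    # Hour 20: 40 alerts that all belong to one incident.
    alerts += [(start + timedelta(hours=20, minutes=m), "inc-A") for m in range(10, 50)]
    # Hour 22: 30 alerts spread over 15 separate incidents.
    alerts += [(start + timedelta(hours=22, minutes=m), f"inc-{m % 15}") for m in range(10, 40)]
    return alerts

def hourly_trend(alerts, now, hours=24):
    """Per hourly bin: total alert count and alert count per incident id."""
    start = now - timedelta(hours=hours)
    bins = [{"alerts": 0, "incidents": Counter()} for _ in range(hours)]
    for ts, incident_id in alerts:
        if start <= ts < now:  # ignore anything outside the window
            idx = int((ts - start).total_seconds() // 3600)
            bins[idx]["alerts"] += 1
            bins[idx]["incidents"][incident_id] += 1
    return bins

def classify_spikes(bins, factor=3.0, min_alerts=10, dominant_share=0.8):
    """Flag bins well above the median and say what drives each one."""
    baseline = median(b["alerts"] for b in bins)
    findings = []
    for hour, b in enumerate(bins):
        if b["alerts"] < max(min_alerts, factor * baseline):
            continue
        top_id, top_count = b["incidents"].most_common(1)[0]
        if top_count / b["alerts"] >= dominant_share:
            # One incident accounts for most alerts: a single growing attack.
            findings.append((hour, "single-incident", top_id))
        else:
            # Alerts are spread out: several distinct incidents at once.
            findings.append((hour, "multi-incident", len(b["incidents"])))
    return findings

if __name__ == "__main__":
    for finding in classify_spikes(hourly_trend(build_sample(NOW), NOW)):
        print(finding)
```

The hour index counts from the start of the 24-hour window, so bin 23 is the most recent hour.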

 

For more information on investigating incidents, see Investigate incidents in Microsoft 365 Defender.

 

1 Comment

Awesome, would in addition to this love the graph to reflect based on the filters I apply on the Incident view. 

Last update: May 09 2021 11:22 AM