Malware Protection Essentials
Microsoft Sentinel, Microsoft Corporation
Note: Please refer to the following before installing the solution:
• Review the solution Release Notes
• There may be known issues pertaining to this Solution; please refer to them before installing.
Malware Protection Essentials is a domain solution and does not include any data connectors. The content in this solution requires one of the product solutions below, as well as any other connector or data source normalized to ASIM.
Prerequisite:
Install one or more of the listed solutions, or develop your custom ASIM parsers to unlock the value provided by this solution.
- Amazon Web Services
- Azure Firewall
- Azure Network Security Groups
- Check Point
- Cisco ASA
- Cisco Meraki Security Events
- Corelight
- Fortinet FortiGate
- Microsoft Defender for IoT
- Microsoft Defender for Cloud
- Microsoft Sysmon For Linux
- Windows Firewall
- Palo Alto PANOS
- Vectra AI Stream
- WatchGuard Firebox
- Zscaler Internet Access
Underlying Microsoft Technologies used:
This solution takes a dependency on the following technologies, some of which may be in Preview state or may result in additional ingestion or operational costs:
- Product solutions as described above
- Logic app for data summarization
Recommendation:
It is highly recommended to use the Summarize data logic app playbook provided with this solution, as it will significantly improve the performance of the Workbook, Analytic rules & Hunting queries.
Workbooks: 1, Analytic Rules: 6, Hunting Queries: 6, Watchlists: 1