We are announcing Content hub in public preview, featuring a rich set of 92 Microsoft Sentinel solutions to deliver instant out-of-the-box content value and get you started on Microsoft Sentinel quickly. Content hub provides centralized in-product discoverability, single-step deployment, and enablement of out-of-the-box solutions and content in Microsoft Sentinel. The new Content hub replaces the solutions gallery in Microsoft Sentinel and includes all the solutions available in the solutions gallery plus much more.
Microsoft Sentinel content is Security Information and Event Management (SIEM) content that enables customers to ingest data, monitor, alert, hunt, investigate, respond, and connect with different products, platforms, and services in Microsoft Sentinel. Microsoft Sentinel solutions are packages of content, such as data connectors, workbooks, analytic rules, and playbooks, or API integrations, which fulfill an end-to-end product, domain, or industry vertical scenario in Microsoft Sentinel. In terms of out-of-the-box content, these 90+ solutions in Content hub comprise over 60 data connectors, 250 analytic rules, 100 playbooks, 150 hunting queries and about 40 workbooks.
Use cases for Content hub are as follows:
Today, we have solutions for Microsoft and other products in multiple categories, landed through extensive collaboration across Microsoft and partners. Many thanks to our partner teams for making this possible. Learn how you can deliver combined value and reach a wider audience by landing a solution in Microsoft Sentinel Content hub. Refer to the Content hub catalog for a complete list of solutions in the content hub.
Product specific solutions
These solutions contain a combination of one or more data connectors, workbooks, parsers, analytic rules, hunting queries and watchlists that deliver end-to-end product value for that integration in Microsoft Sentinel. Refer to the following list of new product specific solutions available in Content hub, in addition to the ones announced earlier.
Domain specific solutions
Domain solutions contain a combination of one or more workbooks, parsers, analytic rules, hunting queries and watchlists that deliver end-to-end domain value for that integration in Microsoft Sentinel. These solutions are usually data source agnostic and can operate on multiple data sources of a certain type.
Microsoft Sentinel Content hub is just one of several exciting announcements we’ve made for Microsoft Ignite 2021. Learn more about other new Microsoft Sentinel innovations in our announcements blogpost.
Discover and deploy solutions from Content hub for your use cases to get out-of-the-box and end-to-end value for your scenarios in Microsoft Sentinel. Let us know your feedback using any of the channels listed in the Resources.
We also invite our partners to build and publish new solutions for Microsoft Sentinel. Get started now by joining the Microsoft Sentinel Threat Hunters GitHub community and following the solutions build and publish guidance.