Loading...

Azure WAF Notebook for Microsoft Sentinel

Azure WAF Notebook for Microsoft Sentinel

Azure Web Application Firewall (Azure WAFdetects SQLI attacks and applies block mitigations by default. In certain instances, this could be a false positive that requires investigation and creation of Azure WAF exclusions. In order to complete a successful investigation, full context about the attack is needed and a process that guides you through the investigation is required. Such a guided investigation process is automated in this Microsoft Sentinel Notebook and allows you to tune Azure WAF policy with minimal user interaction.

This Notebook analyzes SQL injection attacks on Azure WAF integrated with Azure Front Door premium and implements automated exclusions.

This notebook is released in preview.


You can find step-by-step instructions on how to use the Notebook here: https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/tutorial-get-started-with-azure-waf-investigation-notebook/ba-p/3733438

 

Published on:

Learn more
Azure Network Security Blog articles
Azure Network Security Blog articles

Azure Network Security Blog articles

Share post:

Related posts

How to Build an AI-Powered CRM Using Dynamics 365 and Azure OpenAI

Introduction Customer Relationship Management (CRM) has evolved far beyond storing contact details and tracking sales opportunities. In today&...

19 hours ago

Shrinking Azure Pipeline task extensions using esbuild

TL;DR We bundled an internal Azure Pipelines task extension into a single bundled JavaScript file using esbuild. The task package dropped from...

3 days ago

Building on Vercel’s eve + Azure Cosmos DB: An Agent That Remembers

Most “AI agent” demos forget everything the moment the process exits. That’s fine for a toy project, but useless for anythin...

5 days ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy