MC559251 – Update your custom detections to leverage new ActionTypes in DeviceNetworkEvents (archived)

cloudscout.one Icon

check before: 2023-06-06

Product:

Defender, Microsoft 365 Defender

Platform:

World tenant, Online

Status:

Change type:

Admin impact, Retirement

Links:

Details:

On July 18, 2023, Microsoft will be retiring a subset of signatures found in the "NetworkSignaturesInspected" action type of Advanced Hunting. With the recent integration of Zeek providing advanced protocol parsing capabilities, which result in better visibility into full network sessions compared to the raw packet bytes found in the "NetworkSignaturesInspected" action type of Advanced Hunting today, the effort to consolidate will provide a better overall experience for our customers by reducing the signatures that serve similar functions without the added benefits provided by the new Zeek alternative.
[When this will happen:]
July 18, 2023

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2023-05-23

updated:
2023-05-23

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

More Info URL

XXXXXXX ... free basic plan only

MS Blog Link

XXXXXXX ... free basic plan only

** AI generated content. This information is not reliable.

the free basic plan is required to see all details. Sign up here


Last updated 4 months ago

Share to MS Teams

Login to your account

Welcome Back, We Missed You!