Microsoft Sentinel Custom Graphs – From SIEM to Relationship-Based Security Analytics For a long time, the event- and log-based approach dominated the field of security analysis. SIEM systems were based on this model: data collection, normalization, followed by queries and detections built on tabular structures. This approach still works today, but it has a structural…

Read more