This demo showcases how our solutions seamlessly integrate Microsoft Sentinel, Microsoft Teams (via Lumina), and D3 Security to provide a streamlined and effective security workflow.
Scenario: A potential security incident is detected based on a custom analytic rule. The alert triggers within Sentinel, capturing key information about the suspicious activity.
Response: D3 automatically generates the required tasks based on the incident categorisation. In this instance, it's unusual account activity. The analyst is assigned a list of tasks to work through, which interact with Teams and the tool required to remediate the event. In this scenario, it's Entra.
Action: Lumina, our Teams integration bot, receives the alert details from Sentinel (triggered by D3) and posts an interactive card to a designated security channel. This card presents a summary of the incident and provides action buttons for quick response.
Once approved via Teams, the D3 Security playbook orchestrates the following automated actions:
This section visualizes the automated steps performed by the D3 playbook in the background.