Category: Sentinel

The SigninLogs table in Sentinel provides valuable data that is being used by multiple detection and hunting queries. However, misinterpretation of this data leads to these queries triggering excessive False Positive results. This becomes a large problem in larger organizations.