Microsoft Sentinel offers a way to automate watchlist updates from alert data using Logic Apps. Logic Apps provide many configurable watchlist actions, and an example shows how to add items to a watchlist based on the results of an alert. Setting up the automation requires an Analytics rule, a watchlist, and a Logic App. techcommunity.microsoft.com/t5

#MicrosoftSentinel #LogicApps #watchlistupdate

Last updated 2 years ago