Zero Trust (TIC3.0) Workbook & Microsoft Teams

Microsoft provided a powerful new Azure Sentinel Workbook: https://techcommunity.microsoft.com/t5/azure-sentinel/what-s-new-azure-sentinel-zero-trust-tic3-0-workbook/ba-p/2315195

The Zero Trust (TIC3.0) Workbook has two general aspects. On the one hand, it provides a topic-based overview of Microsoft Security & Compliance features:

This "overview" can be filtered and segmented by topics:

The other aspect is that this is not just static content. Wherever possible, the data from the tenant is displayed for the selected topic:

As shown in the screenshot, it is always possible to jump from the Zero Trust (TIC3.0) Workbook to the underlying KQL Querrey in order to evaluate further details.

Whether data can be viewed from the tenant depends on which services are included in Azure Sentinel. Example:

Microsoft Teams & Zero Trust (TIC3.0) Workbook

With the "Unified Communications & Collaboration" filter, the focus of the Workbook is among other things on the Microsoft Teams service. Here, recommendations and details of a Zero Trust strategy are now also displayed as well as data on the tenant:

The Zero Trust (TIC3.0) Workbook can therefore be used to develop an IT security and compliance strategy on the one hand, and on the other hand provides direct data for each topic that is selected.
The focus is not only on the SaaS solutions around Office 365; with the connectors that can be integrated into Azure Sentinel, a comprehensive overall picture is easily possible.