Lots of updates for Sentinel squeezed in before the end of the year:

New overview dashboard. Microsoft have elected to drop detection statistics in favour of performance / maintenance information, which is a welcome change for me, but I've had clients ask for the old info, so you will probably want to build a workbook to reproduce it.

Incident Tasks. New case management feature that lets you add investigation steps to an incident that can be ticked off when complete. If you're using Sentinel for case management this is fantastic for triage consistency and audit purposes. You can push tasks to incidents automatically.

New UEBA queries. Microsoft have released a UEBA Essentials pack in the Content Hub, and it's a must-have if you're using the engine. Lots of hunting queries.

Playbook health data now in Sentinel. Data such as when a playbook ran, why it ran and what the outcome was is now stored directly in the Log Analytics workspace your Sentinel instance sits on. Another improvement for SOAR use cases.

CommonSecurityLog table has had some much-needed love. A handful of data points typically kept under the field 'AdditionalExtensions' are now parsed out properly. Make sure to check your rules, as this may break them.
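To see which keys your rules might still be string-matching inside AdditionalExtensions, here is an added KQL query (not from the original post) that inventories the key=value pairs arriving in that field; it assumes the standard CEF extension formatting of `key=value` pairs separated by `;`, and a 7-day lookback you can adjust.

```kql
// Added example: inventory key=value pairs still landing in
// CommonSecurityLog.AdditionalExtensions, so rules that match on this
// field can be reviewed against the newly parsed columns.
CommonSecurityLog
| where TimeGenerated > ago(7d)            // lookback window is an assumption
| where isnotempty(AdditionalExtensions)
| extend Pairs = split(AdditionalExtensions, ";")
| mv-expand Pair = Pairs to typeof(string)
| where Pair has "="
// Key is everything before the first '=', Value everything after it
// (so values that themselves contain '=' are not truncated)
| extend Key = trim(" ", substring(Pair, 0, indexof(Pair, "="))),
         Value = substring(Pair, indexof(Pair, "=") + 1)
| where isnotempty(Key)
| summarize Events = count(),
            Vendors = dcount(DeviceVendor),
            Products = make_set(DeviceProduct, 10),
            SampleValue = take_any(Value)
            by Key
| order by Events desc
```

Any key that shows up here with a matching dedicated column in the table is a candidate for a rule that now needs updating; keys that have gone quiet compared with an older window are the ones the parser has likely moved.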

Plethora of new integration opportunities. Lots of partners have added their own connectors, so make sure to check out the list.