Detections made by other security tools are of vital importance to Microsoft Sentinel powered SOCs. This learning path shows how to combine external conclusions with activities and other detections across the security stack in Sentinel, they save analysts time and help create a more complete incident picture which results in better prioritization and decision-making. Examples include anti-malware alerts, suspicious processes, communication with known bad hosts, blocked network traffic, suspicious logons, password spray attacks, phishing attacks, and data exfiltration events and more.