Tropico

The Tropico solution for Microsoft Sentinel enables you to ingest Tropico Security telemetry, including security events, alerts, and incident context, into Microsoft Sentinel for centralized monitoring, investigation, and response. By forwarding deception and adversary engagement signals captured in Tropico controlled environments, such as interactions with emulated services and decoy assets, security teams can correlate high confidence Tropico detections with other data sources already onboarded in Sentinel. This helps SOC analysts prioritize real attacker behavior, accelerate triage, enrich investigations with additional context on observed tactics and techniques, and operationalize Tropico findings through Sentinel analytics rules, hunting queries, incident workflows, and automation.