Implementing and Administering Azure Sentinel

Overview

Learn how to implement and administer Azure Sentinel, a cloud-native security event and information management (SEIM) system that detects threats while automating threat responses.

Syllabus

Introduction

Need a central point of analysis for security events?
What you should know
Lab setup

1. Introduction and Concepts

Sentinel feature flyover
Onboarding Microsoft Sentinel
Kusto query language quickstart

2. Configuring Microsoft Sentinel

Connecting Microsoft services
Connecting external services
Integrating threat intelligence

3. Threat Detection, Investigation, and Response

Detecting threats
Investigating incidents
Responding to threats using automation
Security orchestration, automation, and response (SOAR)
UEBA and machine learning

4. Advanced Threat Hunting Scenarios

Threat hunting basics
Hunting with bookmarks
Hunting with notebooks
Workbooks and dashboards
Integrating with Microsoft Defender and Purview

Conclusion

Next steps

Taught by

Pete Zerger

Reviews

4.8 rating at LinkedIn Learning based on 404 ratings

Start your review of Implementing and Administering Azure Sentinel

Taught by

Cloud-native security operations with Microsoft Sentinel

Configure SIEM Security Operation using Microsoft Sentinel

Configure SIEM security operations using Microsoft Sentinel

SC-200: Create detections and perform investigations using Microsoft Sentinel

SC-200: Perform threat hunting in Microsoft Sentinel

Microsoft Sentinel

110+ Hours of Free LinkedIn Learning Courses with Free Certification

Never Stop Learning.