Overview
Join CyberProof's Cloud Security Architect Saggie Haim and Microsoft's Azure Sentinel expert Javier Soriano in this 56-minute video session from Microsoft Ignite 2022. Discover strategies to enhance your cloud-native threat detection and response maturity using Azure Sentinel. Explore challenges and threats in cloud environments, understand why traditional SIEM solutions fall short, and learn how Azure Sentinel functions as a native cloud solution and SIEM as code. Gain insights on optimizing ingestion and retention costs, implementing effective threat hunting techniques, and leveraging data enrichment for improved security analysis. Access additional resources on ransomware, cloud security, and cyber defense strategies to further strengthen your organization's security posture.
Syllabus
Intro
THE CHALLENGES IN THE CLOUD
THE THREATS IN THE CLOUD
TRADITIONAL SIEM IS NOT ENOUGH
AZURE SENTINEL-NO LONGER JUST A "SIEM"
AZURE SENTINEL-NATIVE CLOUD SOLUTION
AZURE SENTINEL - SIEM AS A CODE
THE SOC MANAGER
OPTIMIZING INGESTION COSTS-FILTERING AT THE SOURCE
OPTIMIZING INGESTION COSTS-SYSLOG DAEMON AND LOGSTASH
OPTIMIZING INGESTION COSTS - CUSTOM CODE
OPTIMIZING RETENTION COSTS
THE SECURITY ANALYST - THREAT HUNTING
The Security Analyst - Enrichment
Taught by
Microsoft Ignite