Explore how to create Azure Sentinel playbooks for effective security threat response in this comprehensive video session. Learn about Azure Sentinel's Security Orchestration, Automation, and Response (SOAR) capabilities and delve into the Azure Sentinel Logic Apps connector. Discover the process of deploying Azure Sentinel, enabling Azure Activity Log, and setting up analytic rules. Understand the differences between playbooks and logic apps, and explore how to create email alerts and trigger playbooks. Gain hands-on experience with the Logic App Designer tool to build playbooks graphically, incorporating dynamic content and conditional statements. Watch a practical demonstration and test your knowledge with interactive questions throughout the session.
Overview
Syllabus
Introduction
Agenda
Welcome
Azure Sentinel
Deploy Azure Sentinel
Learn module
Enable Azure Activity Log
Enable analytic rule
Azure Sentinel playbooks
What are some sore topics
What is Azure Sentinel playbooks
What is the difference between playbooks and logic apps
What is Azure Sentinel
Logic apps
Alerts and incidents
Email alerts
Actions
Knowledge Check
Trigger playbooks
Sentinel playbooks
Logic App Designer tool
Build playbooks graphically
Dynamic content
Conditional statements
Demo
Question 3 Dynamic Content
Question 4 Global Admin
Taught by
Microsoft Ignite
Tags
Related Courses
-
Configure SIEM security operations using Microsoft Sentinel
-
SC-200: Create detections and perform investigations using Microsoft Sentinel
-
AZ-500: Manage security operation
-
Cloud-native security operations with Microsoft Sentinel
-
Automate business processes with integration workflows in Azure Logic Apps
-
Manage security operations in Azure
