YoVDO

Implementing and Administering Azure Sentinel

Offered By: LinkedIn Learning

Tags

Security Information and Event Management (SIEM) Courses
Threat Intelligence Courses
Microsoft Defender Courses
Cloud Security Courses
Threat Detection Courses
Threat Hunting Courses
Security Automation Courses
SOAR Courses

Course Description

Overview

Learn how to implement and administer Azure Sentinel, a cloud-native security information and event management (SIEM) system that detects threats and automates threat responses.

Syllabus

Introduction
  • Need a central point of analysis for security events?
  • What you should know
  • Lab setup
1. Introduction and Concepts
  • Sentinel feature flyover
  • Onboarding Microsoft Sentinel
  • Kusto query language quickstart
2. Configuring Microsoft Sentinel
  • Connecting Microsoft services
  • Connecting external services
  • Integrating threat intelligence
3. Threat Detection, Investigation, and Response
  • Detecting threats
  • Investigating incidents
  • Responding to threats using automation
  • Security orchestration, automation, and response (SOAR)
  • UEBA and machine learning
4. Advanced Threat Hunting Scenarios
  • Threat hunting basics
  • Hunting with bookmarks
  • Hunting with notebooks
  • Workbooks and dashboards
  • Integrating with Microsoft Defender and Purview
Conclusion
  • Next steps

Taught by

Pete Zerger

Related Courses

Incident Handling Fundamentals
Cybrary
Microsoft Sentinel - Modern SIEM with SOAR, Threat Intelligence, and UEBA
Microsoft via YouTube
Threat Response with Microsoft Sentinel Playbooks - Learn Live
Microsoft via YouTube
SOAR with Postee - Automated Incident Response for Cloud Native Risks
Linux Foundation via YouTube
Automated Incident Response - Streamlining Processes and Enhancing Efficiency
Hack In The Box Security Conference via YouTube