YoVDO

Implementing and Administering Microsoft Sentinel

Offered By: LinkedIn Learning

Tags

Microsoft Azure Courses Machine Learning Courses Incident Response Courses Cloud Security Courses Threat Detection Courses Threat Hunting Courses

Course Description

Overview

Learn how to implement and administer Azure Sentinel, a cloud-native security event and information management (SEIM) system that detects threats while automating threat responses.

Syllabus

Introduction
  • Need a central point of analysis for security events?
  • What you should know
  • Lab setup
1. Introduction and Concepts
  • Sentinel feature flyover
  • Onboarding Microsoft Sentinel
  • Kusto query language quickstart
2. Configuring Microsoft Sentinel
  • Connecting Microsoft services
  • Connecting external services
  • Integrating threat intelligence
3. Threat Detection, Investigation, and Response
  • Detecting threats
  • Investigating incidents
  • Responding to threats with playbooks
  • Security orchestration, automation, and response (SOAR)
  • UEBA and machine learning
4. Advanced Threat Hunting Scenarios
  • Threat hunting basics
  • Hunting with bookmarks
  • Hunting with notebooks
  • Workbooks and dashboards
  • Integrating with M365 Defender
Conclusion
  • Next steps

Taught by

Pete Zerger

Related Courses

Windows Server 2016 Security Features
Microsoft via edX Detecting and Mitigating Cyber Threats and Attacks
University of Colorado System via Coursera Threat Detection: Planning for a Secure Enterprise
Microsoft via edX Microsoft Professional Capstone : Cybersecurity
Microsoft via edX Cyber Security Operations (Cisco CCNA)
The Open University via FutureLearn