Microsoft Sentinel


From Zero to Hero with Microsoft Sentinel:

Microsoft Sentinel is a scalable, cloud-native solution that provides:
  • Security information and event management (SIEM)
  • Security orchestration, automation, and response (SOAR)

Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise. With Microsoft Sentinel, you get a single solution for attack detection, threat visibility, proactive hunting, and threat response.

Key topics in this Microsoft Sentinel training include:
  • Introduction: Establishing an overview of Microsoft Sentinel.
  • Architecture: Structural design of Microsoft Sentinel for scalable solutions.
  • Deployment: Step-by-step guidance on deploying Microsoft Sentinel effectively.
  • Log Analytics: Mastering the art of log analytics for insightful data interpretation.
  • Threat Management: Equipping yourself with strategies for proactive threat management.
  • Automation & SOAR: Automating responses and orchestrating security operations with playbooks.
  • Advanced Concepts: Exploring topics like MITRE ATT&CK, workbooks, watchlists, and more.

Technical Workshop: Configure Security Operations Using Microsoft Sentinel

Agenda:

  • Setting up the Microsoft Sentinel environment
  • Create and manage Microsoft Sentinel workspaces
  • Connect Microsoft services to Microsoft Sentinel
  • Connect Windows/Linux hosts to Microsoft Sentinel
  • Threat detection with Microsoft Sentinel analytics
  • Automation in Microsoft Sentinel
  • Work with Analytics Rules and Workbooks
  • Threat Hunting activity
  • Incident Management
  • Unified Security Operation with Defender XDR, Microsoft Sentinel and Security Copilot (demo)