From Zero to Hero with Microsoft Sentinel:
Microsoft Sentinel is a scalable, cloud-native solution that provides:
- Security information and event management (SIEM)
- Security orchestration, automation, and response (SOAR)
Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise. With Microsoft Sentinel, you get a single solution for attack detection, threat visibility, proactive hunting, and threat response.
Key topics in this Microsoft Sentinel training include:
- Introduction: Establishing an overview of Microsoft Sentinel.
- Architecture: Structural design of Microsoft Sentinel for scalable solutions.
- Deployment: Step-by-step guidance on deploying Microsoft Sentinel effectively.
- Log Analytics: Mastering the art of log analytics for insightful data interpretation.
- Threat Management: Equipping yourself with strategies for proactive threat management.
- Automation & SOAR: Automating responses and orchestrating security operations with playbooks.
- Advanced Concepts: Exploring topics like MITRE ATT&CK, workbooks, watchlists, and more.
Technical Workshop: Configure Security Operations Using Microsoft Sentinel
Agenda:
- Setting up the Microsoft Sentinel environment
- Create and manage Microsoft Sentinel workspaces
- Connect Microsoft services to Microsoft Sentinel
- Connect Windows/Linux hosts to Microsoft Sentinel
- Threat detection with Microsoft Sentinel analytics
- Automation in Microsoft Sentinel
- Work with Analytics Rules, Workbooks
- Threat Hunting activity
- Incident Management
- Unified Security Operation with Defender XDR, Microsoft Sentinel and Security Copilot (demo)