Managing and Responding to Security Events Using Azure Sentinel

This course will teach you what Azure Sentinel is and how it helps organizations optimize their security. You will learn how to use this solution for threat detection, investigation, and rapid response for security incidents in your environment.
Course info
Rating: (28)
Level: Beginner
Updated: Sep 28, 2020
Duration: 1h 48m
Description

Overwhelming volumes of security data, combined with a shortage of qualified professionals in the cybersecurity space, continue to prove a challenge for many organizations. In this course, Managing and Responding to Security Events Using Azure Sentinel, you will learn how Azure Sentinel can help you solve many SOC and SecOps challenges.

First, you will explore how simple it is to enable the Azure Sentinel solution in your Azure environments and start ingesting data for analysis. Next, you will learn how to manage security incidents and use workbooks for visualizations. Finally, you will learn how Azure Sentinel helps you detect threats using analytic rules and how to perform proactive threat hunting.

By the end of this course, you will have the knowledge and confidence to use Azure Sentinel in your organization and help your organization's SOC and SecOps teams leverage this cloud-native SIEM-as-a-service and SOAR-as-a-service offering from Microsoft.

About the author

Muhammad Sajid is a high-octane Cloud Solutions Architect with a passion for turning whiteboard drawings into fully functional cloud-native software solutions. He speaks regularly at community events and conferences about Azure in general, architecture, and cloud-native software development.

Section Introduction Transcripts

Course Overview
Hi, everyone. My name is Mohammed Sajid. I am a hands‑on cloud solutions architect with a passion for turning whiteboard drawings into fully functional cloud‑native software solutions. In most organizations, due to the overwhelming volumes of security logs and talent shortage, SOC and SecOps teams are flooded with a very high volume of alerts. They spend most of their time in infrastructure setup and maintenance tasks rather than focusing on high‑value alerts. As a result, many real threats slip through the cracks. That's why Microsoft invested in a new cloud‑native SIEM and SOAR solution called Azure Sentinel, which solves some of the modern SOC and SecOps challenges. Some of the major topics that we will cover in this course include enabling Azure Sentinel in your Azure environment. We will cover commonly used connectors to ingest data into Azure Sentinel. We will also create analytic rules to detect threats in our environment. In the end, we will learn to leverage security playbooks to respond to low‑severity security incidents. By the end of this course, you will be confident in using Azure Sentinel's core features. Before beginning this course, you should have some familiarity with Microsoft Azure. I hope you will join me in learning Managing and Responding to Security Events Using Azure Sentinel, at Pluralsight.