
Use Microsoft Sentinel to Mitigate Threats

3 H 39 M

Episodes
  • Overview
    • Overview
    • Planning a Microsoft Sentinel Deployment
  • Design and Configure a Microsoft Sentinel Workspace
    • Configure Sentinel Resources
    • Configure Sentinel Roles
  • Plan and Implement Data Connectors in Microsoft Sentinel
    • Planning for Data Sources and Data Connectors
    • Data Connectors, Event Collectors, and Custom Connectors
  • Manage Microsoft Sentinel Analytics Rules
    • Configure Queries and Analytics Rules
    • Define Incident Creation Logic
    • Use Watchlists and Threat Indicators
  • Perform Data Classification and Normalization
    • Analyze Data Using Entities
    • Create Custom Logs in Azure Log Analytics
    • Develop and Manage ASIM Parsers
  • Configure SOAR in Microsoft Sentinel
    • Configure Automation Rules
    • Use Automation in Microsoft Sentinel
  • Manage Microsoft Sentinel Incidents
    • Investigate Multi-Workspace Incidents
    • User and Entity Behavior Analytics
  • Use Microsoft Sentinel Workbooks
    • Use Workbooks
    • Configure Advanced Visualizations
  • Hunt for Threats Using Microsoft Sentinel
    • Use Hunting Queries
    • Threat Hunt Using Notebooks and Bookmarks

Overview

3 M

  • Transcript

>> Thank you so much for joining us. I'm your host Lauren Deal and I'll be your learner advocate as we go along and asking this guy all the questions you probably have at home. Welcome to the show, Anthony. How are you today?

>> I am doing great, Lauren. Thank you so much for hosting this for us. This is, of course, tonight been waiting for quite a bit of time with here at ACI Learning. So excited to finally be teaching this. We're going to be looking at Microsoft's Sentinel in great detail. What is Sentinel? Well, it's Microsoft's SIEM. It's their security incident and event management package. And it is very much a competitor to a product that is near and dear to Lauren's and my heart, and that is Splunk. So it is Microsoft's answer to Splunk, and we're going to be breaking it down and detailing it for you in the episodes that follow.

>> That is awesome. I'm so excited because, as you know, Anthony and I have a very dear appreciation for Splunk. And so having Microsoft come out with its own spinoff is really exciting for both of us. Now, Anthony, what are some bullet points you might give us, a little teaser about what we can talk about?

>> One of the things that we're going to look at is we'll start off just by really taking an overview of where you go to access this product. How do you set it up? And then we're going to quickly dive into taking advantage of all of the features that it has to offer, and it is an impressive feature list. So we'll, of course, teach you how to get data into this product. It's scientifically proven it works. Great of data can get inside it, and then we'll also teach you how to handle the data once it's inside this product. How do we query it? How do we add automation and orchestration workflows? So we'll get this product really working well for us.

>> This is exciting because this is exactly what I've been looking for, and maybe this is the answer to everything you've been looking for as well. Now, Anthony, I am excited about this and I have a little bit of an understanding about Splunk. Who else would this be a perfect course for?

>> Yeah. I think this course is going to be perfect for really one of different individuals. It could be someone that is interested in just evaluating this product. So we'll have that happen a lot, where an organization will think, geez, maybe we should be using Microsoft's Sentinel, so they will tune in to evaluate this product. Another group of individuals that may be here are those that have been ordered: they must use Microsoft's Sentinel, get to work. So it's been mandated for their organization, and now they are here getting the down and dirty training they need to get in there and get work done with Sentinel. But there is a third group, and we're going to address that as well. It's those interested in certification. This course maps to the Sentinel content in Microsoft's exam, SC-200. So we are covering all of those objectives as well, in the event we have individuals here that are going to be achieving their Microsoft Azure certification on Sentinel technologies.

>> This is perfect because whether you are one of those three or maybe you're coming to us out of just interest, we're excited to go along this journey with you. So, Anthony, what do you say we jump into our first episode?

>> Now let's get started. Our first episode is going to be really just making sure you can get up and running quickly and plan your environment correctly.

>> All right. Well, let's get planning by jumping into the next episode. See you there.