{
  "course": {
    "productid": 34038,
    "modality": 2,
    "active": true,
    "language": "en",
    "title": "Planning and implementing Microsoft Sentinel (SIEM & SOAR)",
    "productcode": "M55610A",
    "vendorcode": "OT",
    "vendorname": "Other",
    "fullproductcode": "OT-M55610A",
    "courseware": {
      "has_ekit": false,
      "has_printkit": true,
      "language": ""
    },
    "url": "https:\/\/portal.flane.co.uk\/course\/ot-m55610a",
    "audience": "<p>This course is aimed at IT professionals and Azure administrators who have some experience administering and configuring Azure and want to gain insight into implementing Microsoft&rsquo;s SIEM\/SOAR solution, Microsoft Sentinel.<\/p>",
    "outline": "<p><strong>Module 1: Overview of Microsoft Sentinel<\/strong>\nLessons:\n<\/p>\n<ul>\n<li>Overview of Microsoft Sentinel<\/li><li>Data ingestion methods<\/li><li>Microsoft Sentinel for MSSPs<\/li><li>User and Entity Behaviour Analytics<\/li><li>Fusion<\/li><li>Notebooks<\/li><li>Management &amp; Automation Tools<\/li><li>Logs &amp; Costs<\/li><\/ul><p><strong>Module 2: KQL<\/strong>\nLessons:\n<\/p>\n<ul>\n<li>Importance of KQL across Azure<\/li><li>The User Interface (demo)<\/li><li>The standard KQL Structure<\/li><li>Common KQL Commands<\/li><\/ul><p><strong>Module 3: Data Connectors<\/strong>\nLessons:\n<\/p>\n<ul>\n<li>Manage content in Microsoft Sentinel<\/li><li>Connect data to Microsoft Sentinel using data connectors<\/li><li>Connect Microsoft services to Microsoft Sentinel<\/li><li>Connect Microsoft 365 Defender to Microsoft Sentinel<\/li><li>Connect Windows hosts to Microsoft Sentinel<\/li><li>Connect Common Event Format logs to Microsoft Sentinel<\/li><li>Connect syslog data sources to Microsoft Sentinel<\/li><li>Connect threat indicators to Microsoft Sentinel<\/li><\/ul><p><strong>Module 4: Analytics Rules<\/strong>\nLessons:\n<\/p>\n<ul>\n<li>Threat detection with Microsoft Sentinel analytics<\/li><li>Automation in Microsoft Sentinel<\/li><li>Threat response with Microsoft Sentinel playbooks<\/li><\/ul><p><strong>Module 5: Incident Management<\/strong>\nLessons:\n<\/p>\n<ul>\n<li>Incident Management Overview<\/li><li>User and Entity Behaviour Analytics<\/li><li>Data normalization in Microsoft Sentinel<\/li><li>Query, visualize, and monitor data<\/li><\/ul><p><strong>Module 6: Hunting<\/strong>\nLessons:\n<\/p>\n<ul>\n<li>Threat hunting concepts<\/li><li>Threat hunting with Microsoft Sentinel<\/li><li>Use Search jobs in Microsoft Sentinel<\/li><li>Hunt for threats using notebooks<\/li><\/ul><p><strong>Module 7: Watchlists<\/strong>\nLessons:\n<\/p>\n<ul>\n<li>Prioritize incidents<\/li><li>Import business data<\/li><li>Reduce Alert Fatigue<\/li><li>Enrich Event Data<\/li><\/ul><p><strong>Module 8: Threat Intelligence<\/strong>\nLessons:\n<\/p>\n<ul>\n<li>Threat Intelligence Overview<\/li><li>Threat Intelligence in Microsoft Sentinel<\/li><\/ul>",
    "summary": "<p>This 3-day course helps you get ramped up with Microsoft Sentinel and provides hands-on practical experience with product features, capabilities, and scenarios.<\/p>\n<p>During the course you will deploy a Microsoft Sentinel workspace and ingest pre-recorded data to simulate scenarios that showcase various Microsoft Sentinel features.<\/p>",
    "audience_plain": "This course is aimed at IT professionals and Azure administrators who have some experience administering and configuring Azure and want to gain insight into implementing Microsoft\u2019s SIEM\/SOAR solution, Microsoft Sentinel.",
    "outline_plain": "Module 1: Overview of Microsoft Sentinel\nLessons:\n- Overview of Microsoft Sentinel\n- Data ingestion methods\n- Microsoft Sentinel for MSSPs\n- User and Entity Behaviour Analytics\n- Fusion\n- Notebooks\n- Management & Automation Tools\n- Logs & Costs\nModule 2: KQL\nLessons:\n- Importance of KQL across Azure\n- The User Interface (demo)\n- The standard KQL Structure\n- Common KQL Commands\nModule 3: Data Connectors\nLessons:\n- Manage content in Microsoft Sentinel\n- Connect data to Microsoft Sentinel using data connectors\n- Connect Microsoft services to Microsoft Sentinel\n- Connect Microsoft 365 Defender to Microsoft Sentinel\n- Connect Windows hosts to Microsoft Sentinel\n- Connect Common Event Format logs to Microsoft Sentinel\n- Connect syslog data sources to Microsoft Sentinel\n- Connect threat indicators to Microsoft Sentinel\nModule 4: Analytics Rules\nLessons:\n- Threat detection with Microsoft Sentinel analytics\n- Automation in Microsoft Sentinel\n- Threat response with Microsoft Sentinel playbooks\nModule 5: Incident Management\nLessons:\n- Incident Management Overview\n- User and Entity Behaviour Analytics\n- Data normalization in Microsoft Sentinel\n- Query, visualize, and monitor data\nModule 6: Hunting\nLessons:\n- Threat hunting concepts\n- Threat hunting with Microsoft Sentinel\n- Use Search jobs in Microsoft Sentinel\n- Hunt for threats using notebooks\nModule 7: Watchlists\nLessons:\n- Prioritize incidents\n- Import business data\n- Reduce Alert Fatigue\n- Enrich Event Data\nModule 8: Threat Intelligence\nLessons:\n- Threat Intelligence Overview\n- Threat Intelligence in Microsoft Sentinel",
    "summary_plain": "This 3-day course helps you get ramped up with Microsoft Sentinel and provides hands-on practical experience with product features, capabilities, and scenarios.\n\nDuring the course you will deploy a Microsoft Sentinel workspace and ingest pre-recorded data to simulate scenarios that showcase various Microsoft Sentinel features.",
    "version": "1.0",
    "duration": {
      "unit": "d",
      "value": 3,
      "formatted": "3 days"
    },
    "lastchanged": "2024-11-04T09:21:18+00:00",
    "parenturl": "https:\/\/portal.flane.co.uk\/exertis\/json-courses",
    "nexturl_course_schedule": "https:\/\/portal.flane.co.uk\/exertis\/json-course-schedule\/34038",
    "source_lang": "en",
    "source": "https:\/\/portal.flane.co.uk\/exertis\/json-course\/ot-m55610a"
  }
}