

LEARN Microsoft Sentinel with hands-on experience in a FREE Azure Lab environment! | Start your Cyber Security project now

What you will learn

Set up working Sentinel Environment for FREE

Discover different options for data ingestion

Understand the properties of Analytics Rules and see how to create them

Learn about Incident Management in Microsoft Sentinel

Discover different options for Automation in Microsoft Sentinel

Understand the purpose of Workbooks to visualize data

Understand and learn the basics of KQL (Kusto Query Language)

Discover how to use Microsoft Sentinel for Threat Hunting

Learn how to create and update Watchlists for whitelisting reasons

How to respond to CyberSecurity threats

Learn about the importance of Threat Intelligence

Understand privileges and role assignment for Sentinel

Description

This Microsoft Sentinel (formerly known as Azure Sentinel) course with a completely FREE Lab is designed to help IT professionals understand and utilize the Microsoft Sentinel platform for threat detection and response. The course covers everything from setting up a FREE Azure account to managing and automating the platform, with hands-on demonstrations.

Throughout this course, you will learn how to create and manage Microsoft Sentinel, including the creation of a Log Analytics workspace. You will also explore how to work with incidents and workbooks, as well as how to use the platform’s analytics rules, watchlists, and connectors to detect and respond to potential threats.

The course also includes an overview of user and entity behavior analytics, playbook settings, and health monitoring, as well as a discussion of Microsoft Sentinel roles and permissions.


You will also learn about threat intelligence, including how to register for threat intelligence feeds and enable threat intelligence in Microsoft Sentinel.

The course features various hands-on labs that will help you to better understand how to use the platform. You will learn how to create analytics rules, investigate incidents, hunt for threats, and implement automation. Additionally, you will explore further functionality such as Jupyter Notebooks and Sentinel as Code to make the platform even more effective.

Join me on this journey to get hands-on experience in Azure with Microsoft Sentinel and level up in your career!

Language: English

Content

Introduction

Welcome to the Course
Course Content
About the Instructor
What is Microsoft Sentinel?

Create and Manage Microsoft Sentinel

Free Azure account
Demo: Create Resource Group
Demo: Create Log Analytics Workspace
Demo: Create Microsoft Sentinel
General Overview
Overview of Incidents
Overview of Workbooks and Hunting
Overview of Notebooks, Entities, Threat Intelligence and MITRE
Overview of Content Management and Repositories
Overview of Connectors, Analytics Rules and Watchlists
Overview of Automation
Pricing for Microsoft Sentinel
Pricing Calculator
User and Entity Behavior Analytics
Playbook Settings and Health Monitoring
Microsoft Sentinel Roles and Permissions
Demo: Assign Microsoft Sentinel Role

Data Connectors

Options for Data Connectors
Demo: Enable Data Connector
Content Hub
Demo: Content Hub
Threat Intelligence
Demo: Register to Threat Intelligence Feed
Demo: Enable Threat Intelligence
Demo: Data Retention Settings
Summary of Data Connectors Module

Analytics Rule

Introduction to Analytics Rules
Analytics Rules Dashboard
Properties of Analytics Rules
Demo: Create Analytics Rule
MultiStage Attack Detection
Analytics Rule Conclusion

Incident Management

Incident Management Introduction
Demo: Trigger Analytics Rule Detection
Incident Dashboard
Incident Information Overview
Demo: Incident Investigation Page
Demo: Incident Investigation Map
Demo: Entity Investigation
Demo: Incident Conclusion

Threat Hunting

Threat Hunting Introduction
Demo: SolarWind Investigation
Demo: Hunting for Infected Hosts
Hunting Dashboard
Demo: Hunting for Unknown Threats

Watchlists

Watchlists Introduction
Demo: Create Watchlist
Demo: Update Watchlist
Demo: Whitelist IP Addresses in the Analytics Rule

Workbooks

Workbooks Introduction
Demo: Create Workbook

Automation

Automation Introduction
Automation Dashboard
Options for Automation in Sentinel
Demo: Create Automation Rule
Demo: Create Automation Rule from Incident Dashboard
Demo: Playbook Designer
Automation History
Demo: VirusTotal Playbook

Other Concepts

Threat Intelligence Dashboard
Microsoft Sentinel LightHouse
Jupyter Notebooks
Sentinel as Code
Demo: Kusto Query Language
Kusto Query Language

Conclusion

Delete Microsoft Sentinel Environment
Thank you!