Security operations

Security operations monitor an enterprise environment to rapidly identify and remediate risk from active attack operations, and share insights and threat intelligence from these attacks with the rest of the organization.

The following videos provide guidance on security operations.

Part 1: Introduction - SOC Learnings, Strategies, and Technical Integration (24:30 long)

Part 2: Azure Alerts (2:36 long)

Part 3: Alert and Log Ingestion (4:51 long)

Part 4: Journey to Cloud Analytics (6:05 long)

Part 5: Security Operations General Guidance (3:42 long)

See also

Key Microsoft security resources

| Resource | Description |
| --- | --- |
| 2021 Microsoft Digital Defense Report | A report that encompasses learnings from security experts, practitioners, and defenders at Microsoft to empower people everywhere to defend against cyberthreats. |
| Microsoft Cybersecurity Reference Architectures | A set of visual architecture diagrams that show Microsoft's cybersecurity capabilities and their integration with Microsoft cloud platforms such as Microsoft 365 and Microsoft Azure and third-party cloud platforms and apps. |
| Minutes matter infographic download | An overview of how Microsoft's SecOps team does incident response to mitigate ongoing attacks. |
| Azure Cloud Adoption Framework security operations | Strategic guidance for leaders establishing or modernizing a security operation function. |
| Microsoft cloud security for IT architects model | Security across Microsoft cloud services and platforms for identity and device access, threat protection, and information protection. |
| Microsoft security documentation | Additional security guidance from Microsoft. |