Security operations monitor an enterprise environment to rapidly identify and remediate risk from active attack operations, and share insights and threat intelligence from these attacks with the rest of the organization.
The following videos provide guidance on security operations.
- Part 1: Introduction - SOC Learnings, Strategies, and Technical Integration (24:30 long)
- Part 2: Azure Alerts (2:36 long)
- Part 3: Alert and Log Ingestion (4:51 long)
- Part 4: Journey to Cloud Analytics (6:05 long)
- Part 5: Security Operations General Guidance (3:42 long)
- See security operations best practices and capabilities for more information.
- Review the PowerPoint slides for the Microsoft Azure Security Compass Workshop.
- Security operations functions from the Cloud Adoption Framework for Azure
- SOC Process Framework Workbook for Microsoft Sentinel
- Additional security guidance from Microsoft
Key Microsoft security resources
|Resource|Description|
|---|---|
|2021 Microsoft Digital Defense Report|A report that encompasses learnings from security experts, practitioners, and defenders at Microsoft to empower people everywhere to defend against cyberthreats.|
|Microsoft Cybersecurity Reference Architectures|A set of visual architecture diagrams that show Microsoft’s cybersecurity capabilities and their integration with Microsoft cloud platforms such as Microsoft 365 and Microsoft Azure and third-party cloud platforms and apps.|
|Minutes matter infographic download|An overview of how Microsoft's SecOps team does incident response to mitigate ongoing attacks.|
|Azure Cloud Adoption Framework security operations|Strategic guidance for leaders establishing or modernizing a security operation function.|
|Microsoft cloud security for IT architects model|Security across Microsoft cloud services and platforms for identity and device access, threat protection, and information protection.|
|Microsoft security documentation|Additional security guidance from Microsoft.|