Summary - Design solutions for security operations

Completed

You've learned how to:

• Design security operations capabilities in hybrid and multicloud environments
• Design centralized logging and auditing
• Design Security Information and Event Management (SIEM) solutions
• Design a solution for detection and response that includes Extended Detection and Response (XDR)
• Design a solution for security orchestration, automation, and response (SOAR)
• Design security workflows
• Design and evaluate threat detection with the MITRE ATT&CK framework

Learn more with security documentation

• Cloud SOC functions - Cloud Adoption Framework | Microsoft Learn
• Unified operations for hybrid, multicloud, and edge - Cloud Adoption Framework | Microsoft Learn
• Workspace architecture best practices for Microsoft Sentinel | Microsoft Learn
• Microsoft cloud security benchmark - Logging and threat detection | Microsoft Learn
• Azure Monitor overview
• Evaluate and pilot Microsoft Defender XDR, an XDR solution | Microsoft Learn
• Introduction to automation in Microsoft Sentinel | Microsoft Learn
• Microsoft cloud security benchmark - Incident Response | Microsoft Learn
• Understand threat intelligence in Microsoft Sentinel | Microsoft Learn
• Hunting capabilities in Microsoft Sentinel | Microsoft Learn
• View MITRE coverage for your organization from Microsoft Sentinel | Microsoft Learn
• Design a Log Analytics workspace architecture
• Designing and configuring data access in a workspace.
• Sample workspace architectures for Microsoft Sentinel.

Learn more with reference architectures

• Microsoft Sentinel automated responses - Azure Architecture Center | Microsoft Learn
• Hybrid security monitoring with Microsoft Sentinel - Azure Architecture Center | Microsoft Learn

Note

This module contains AI-generated content.