Threat hunting with Microsoft Sentinel

Module
7 Units

Intermediate

Solution Architect

Security Operations Analyst

Azure

Microsoft Sentinel

In this module, you'll learn to proactively identify threat behaviors by using Microsoft Sentinel queries. You'll also learn to use bookmarks and livestream to hunt threats.

Learning objectives

In this module, you will:

Use queries to hunt for threats.
Save key findings with bookmarks.
Observe threats over time with livestream.

Prerequisites

Familiarity with security operations in an organization.
Basic experience with Azure services.
Basic knowledge of operational concepts such as monitoring, logging, and alerting.
Basic Microsoft Sentinel functionality.
Access to a Microsoft Azure subscription for exercise tasks.

Introduction min
Exercise setup min
Explore creation and management of threat-hunting queries min
Save key findings with bookmarks min
Observe threats over time with livestream min
Exercise - Hunt for threats by using Microsoft Sentinel min
Summary min