Cloud-native security operations with Microsoft Sentinel
This learning path describes basic architecture, core capabilities, and primary use cases of its products. You'll also learn about differences and Get familiar with Microsoft Sentinel, a cloud-native, security information and event management (SIEM) service.
Prerequisites
- Familiarity with security operations in an organization
- Basic experience with Azure services
- Basic knowledge of operational concepts such as monitoring, logging, and alerting
- A Microsoft Sentinel instance in your Azure subscription
Modules in this learning path
Traditional security information and event management (SIEM) systems typically take a long time to set up and configure. They're also not necessarily designed with cloud workloads in mind. Microsoft Sentinel enables you to start getting valuable security insights from your cloud and on-premises data quickly. This module helps you get started.
In this course you'll learn how to deploy Microsoft Sentinel and connect it to data sources. You'll also learn how to use Azure and AI to provide analysis of security alerts.
In this module, you learned how Microsoft Sentinel Analytics can help the SecOps team identify and stop cyber attacks.
Learn about security incidents, incident evidence and entities, incident management, and how to use Microsoft Sentinel to handle incidents.
In this module, you'll learn to proactively identify threat behaviors by using Microsoft Sentinel queries. You'll also learn to use bookmarks and livestream to hunt threats.
