This course aims to help learners enhance their cloud-native threat detection and response maturity using Azure Sentinel. The course covers topics such as challenges and threats in the cloud, the limitations of traditional SIEM, and the capabilities of Azure Sentinel as a native cloud solution. Learners will also acquire skills in optimizing ingestion and retention costs, threat hunting, and data enrichment. The teaching method involves a video session delivered as part of a larger event, targeting individuals interested in cloud security and Azure Sentinel optimization.
Optimizing Your Azure Sentinel Platform with CyberProof
Overview
Syllabus
Intro
THE CHALLENGES IN THE CLOUD
THE THREATS IN THE CLOUD
TRADITIONAL SIEM IS NOT ENOUGH
AZURE SENTINEL-NO LONGER JUST A "SIEM"
AZURE SENTINEL-NATIVE CLOUD SOLUTION
AZURE SENTINEL - SIEM AS A CODE
THE SOC MANAGER
OPTIMIZING INGESTION COSTS-FILTERING AT THE SOURCE
OPTIMIZING INGESTION COSTS-SYSLOG DAEMON AND LOGSTASH
OPTIMIZING INGESTION COSTS - CUSTOM CODE
OPTIMIZING RETENTION COSTS
THE SECURITY ANALYST - THREAT HUNTING
The Security Analyst - Enrichment
Taught by
Microsoft Ignite
Tags
Related Courses
-
Cloud-native security operations with Microsoft Sentinel
-
SC-200: Perform threat hunting in Microsoft Sentinel
-
Managing and Responding to Security Events Using Azure Sentinel
-
SC-200: Configure your Microsoft Sentinel environment
-
Introduction to SIEM (Splunk)
-
SC-200: Create detections and perform investigations using Microsoft Sentinel
