Using Microsoft’s cloud-based Azure Sentinel, security organizations can leverage the full power of advanced artificial intelligence to automate threat identification and response – without the management complexity and scalability challenges of conventional SIEM solutions. In Microsoft Azure Sentinel, three of Microsoft’s leading Azure Sentinel experts review the problems Azure Sentinel can solve, and guide you step-by-step through planning, deployment, and day-to-day usage. Leveraging unsurpassed expertise helping early customers succeed with Azure Sentinel, they offer the most thorough, practical, and authoritative coverage available. Topics include:
- Understanding Azure Sentinel’s cloud-native SIEM approach, its advantages, and adoption considerations
- Configuring workspaces and ingesting data
- Understanding, creating, and validating Azure Sentinel analytics
- Managing and investigating cases
- Hunting threats and creating new queries
- Working with Jupyter and Community Notebooks
- Magnifying your capabilities through Playbooks and automation
- Visualizing data and taking full advantage of Azure Sentinel dashboards
- Integrating with partners and other third parties, including Fortinet, AWS, and Palo Alto