Microsoft Sentinel course/training: Learn how to use Microsoft Sentinel

Watch this video to learn how to use and manage Microsoft Sentinel.

Understanding and setting up a Microsoft Sentinel Workspace

*Overview of Microsoft Sentinel
*Configuring a Microsoft Sentinel workspace
*Managing roles regarding Sentinel
*Managing log types, log retention, and data storage in Sentinel

Working with data connectors and ingestion in Microsoft Sentinel

*Microsoft Sentinel data source identification
*Setting up connectors for ingesting data into Microsoft Sentinel
*Connecting Sentinel with Microsoft 365 Defender and Defender for Cloud
*Common Event Format (CEF) and Syslog event collections
*Windows Security Event Collection setup in Microsoft Sentinel
*Managing threat intelligence connectors in Microsoft Sentinel
*Working with custom log tables

Using analytics rules in Microsoft Sentinel

*Understanding analytics rules in Microsoft Sentinel
*Fusion rule configuration
*Security analytics rules
*Working with scheduled query rules in Microsoft Sentinel
*Custom scheduled query rules
*Working with near-real-time (NRT) analytics rules
*Content hub analytics rules
*Watchlists in Microsoft Sentinel
*Threat indicators in Microsoft Sentinel
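As an added example (not code from the video), this is the kind of KQL a custom scheduled query rule runs. It assumes the Windows Security Events connector is populating the SecurityEvent table and that a watchlist named VIPAccounts (a hypothetical name) exists with a SearchKey column holding account names; the threshold and lookback are illustrative values.

```kql
// Added example, not from the video. Assumed: SecurityEvent is populated by the
// Windows Security Events connector; a watchlist 'VIPAccounts' (hypothetical name)
// has a SearchKey column holding SAM account names.
let lookback = 1h;      // keep equal to the rule's "Lookup data from the last" setting
let threshold = 10;     // failed logons per account per host before alerting
let vipAccounts = _GetWatchlist('VIPAccounts') | project SearchKey;
SecurityEvent
| where TimeGenerated > ago(lookback)
| where EventID == 4625                                               // an account failed to log on
| where isnotempty(TargetUserName) and TargetUserName !endswith "$"   // ignore machine accounts
| summarize FailedCount = count(),
            DistinctSources = dcount(IpAddress),
            SourceIPs = make_set(IpAddress, 20),
            FirstSeen = min(TimeGenerated),
            LastSeen = max(TimeGenerated)
          by TargetUserName, Computer
| where FailedCount >= threshold
| extend IsWatchlisted = TargetUserName in (vipAccounts)              // enrich from the watchlist
| extend Severity = iff(IsWatchlisted, "High", "Medium")
| project LastSeen, FirstSeen, TargetUserName, Computer, FailedCount,
          DistinctSources, SourceIPs, IsWatchlisted, Severity
```

In the rule wizard, set "Run query every" and "Lookup data from the last" to the same interval as the `lookback` value so windows neither overlap nor leave gaps, map the Account entity to TargetUserName and the Host entity to Computer so incidents carry entities for investigation, and the Severity column can feed the rule's dynamic alert-severity setting so hits on watchlisted accounts are raised at a higher severity than the rest.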

Classification, normalization and security orchestration, automation and response (SOAR)

*Working with entities for classifying and analyzing data
*Advanced Security Information Model (ASIM) queries with Microsoft Sentinel
*ASIM parser management
*Using automation rules
*Using playbooks in Microsoft Sentinel
*Automation rule triggering using analytic rules
*Alert and incident playbook triggering
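As an added example (not code from the video), the same failed-logon detection written against the ASIM Authentication schema. It assumes the built-in unifying parser `_Im_Authentication` is available in the workspace and that at least one source with an ASIM authentication parser (Windows Security Events, Linux sshd via Syslog, and so on) is connected; the threshold is an illustrative value.

```kql
// Added example, not from the video. Assumed: the built-in ASIM unifying parser
// _Im_Authentication is present and at least one connected source has an ASIM
// authentication parser (e.g. Windows Security Events, Linux sshd via Syslog).
let threshold = 10;     // failed logons per account per 5-minute bin
// Passing starttime/endtime to the parser pushes the time filter into each
// source-specific parser instead of filtering after normalization.
_Im_Authentication(starttime=ago(1h), endtime=now())
| where EventType == "Logon" and EventResult == "Failure"
| summarize FailedCount = count(),
            Products = make_set(EventProduct),        // which sources saw the failures
            SrcIPs = make_set(SrcIpAddr, 20),
            Targets = make_set(TargetHostname, 20)
          by TargetUsername, bin(TimeGenerated, 5m)
| where FailedCount >= threshold
| order by TimeGenerated desc
```

Because the query uses normalized field names (TargetUsername, SrcIpAddr, EventResult) rather than SecurityEvent or Syslog columns, connecting a new source that has an ASIM authentication parser extends the detection without changing the query; the Products column shows which sources contributed to each hit.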

Dealing with incidents and workbooks for analysis and interpretation of data

*Incident generation in Microsoft Sentinel
*Understanding the concepts of triaging incidents in Sentinel
*Microsoft Sentinel incident investigation
*How to respond to Microsoft Sentinel incidents
*Multi-workspace incident investigation
*Workbook template customization and management
*Implementing custom workbooks in Microsoft Sentinel
*Working with advanced visualizations

Threat hunting and entity behavior analytics in Microsoft Sentinel

*MITRE ATT&CK attack vectors in Microsoft Sentinel
*Using hunting queries from the content gallery
*Hunting query customization
*Data investigations with hunting bookmarks
*Using Livestream to monitor hunting queries
*How archived log data can be retrieved in Microsoft Sentinel
*Search job management in Microsoft Sentinel
*Entity Behavior Analytics settings
*Entity page investigation of threats
*Anomaly detection analytics rules in Microsoft Sentinel
Comments

Thank you for not assuming the listener knows something. Your way of explaining each term is very skillful and extremely appreciated!

joshjones

This is a beyond video. The value provided by John in this video is completely instrumental if someone really wants to observe the knowledge. Thanks, John Christopher, big kudos.

YoursAkki

Excellent work, very easy to understand what you're teaching. Learnt a lot from your video. Please keep up the good work.

TrekkingtrailsA

I am learning Sentinel for the first time, after getting my CISSP

peterkuczynski

This is a major help if you are taking the SC-200 exam, but good to know if you do just about anything within Entra ID! Awesome video, will be watching this one a few times for sure. Thank you for the big help between the two videos released in the last day or so, as they will add a lot to anyone taking the SC-200, and the other Defender video will help with the SC-300!

kitfo

Great video! Your attention to detail was superb, and the explanations were clear. Thank you for the valuable content!

niksojitra

Amazing video. Thanks for sharing your knowledge.

lucianoribeiro

Great video, loved the style, tone, content. Thanks.

gillymccyber

Does this map to any MS certification?

rahulchakravarti