Days of Defender: Defend against threats with Microsoft Sentinel

Days of Defender: Defend against threats with Microsoft Sentinel

REGISTER HERE: https://aka.ms/DaysofDefenderSentinel 

Microsoft Sentinel is your bird's-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames. In this training you will learn how to deploy and connect this SIEM and SOAR solution to different data sources. You will learn how to use intelligent security analytics and threat intelligence capabilities for attack detection, threat visibility, proactive hunting, and threat response.

Agenda

Day 1: Sales and Deploying and configuring Microsoft Sentinel

• Design your Microsoft Sentinel workspace architecture
• Manage roles and permissions
• Enable data connectors
• Deploy a log forwarder to ingest Syslog and CEF logs to Microsoft Sentinel
• Understand security coverage by the MITRE ATT&CK® framework
• Connect Microsoft Sentinel to Amazon Web Services to ingest AWS service log data
• Azure Lighthouse
• Sentinel Data Storage Options
• Watchlists
• Analytics Rules
• Repositories
• Workbooks

Day 2: Threat Intelligence and Investigation

• Introduction to Threat Intelligence in Microsoft Sentinel
• Connect your threat intelligence platform to Microsoft Sentinel
• Work with threat indicators
• Detect Threat and Analyse Data
• Investigating incidents
• MDTI
• EASM
• Introduction to User and Entity Behavior Analytics (UEBA)
• UEBA analytics architecture
• Enable User and Entity Behaviour Analytics (UEBA)
• Anomalies detected by UEBA
• Querying UEBA
• Investigating with UEBA
• Fusion
• Creating and working with Automation Rules
• Automation with Playbooks
• Azure Logic Apps
• Customizing Microsoft Sentinel playbooks from templates