Hi,
I want to create a document on Microsoft Azure Sentinel for SOC providers. Basically what I want to do on this document is as follow:
1. Introduction of Azure Sentinel (Architecture, How it works, what are the benefits, etc.)
2. How to enable Azure Sentinel (Azure subscription, Pricing and Pricing options, storage, analytics and other add-ins)
3. How to configure and connect different types of SIEM, Firewalls, End Points, Devices and Syslog
4. Integrate 3rd party services and customize Dashboard (Open Threat eXchange, PoC, etc.)
4.1 Risk and Threat Assessment
4.2 Integrate Vulnerability Assessment
4.3 Integrate Penetration Testing
4.4 Integrating Information System Audit
4.5 Integrating SAM and IT Inventory
4.6 Integrating Software Licensing (Microsoft Products) Status Verification
5. How to hunt cyber threats (Detect, Identify, and Respond)
5.1 On-Premises Network, System, Devices, Services, Software Platforms
5.2 Branch and Mobile Network and Devices
5.3 Cloud Services (VPS, Microsoft Cloud Services, Other Cloud Services)
6. Threat response
7. Recording an incident and incident handling process
8. Creating an incident report(s)
Basically what I want to create is how to build a Security Operation Center with Azure Sentinel. Can you help me to create this document?
