AzureFunBytes is a weekly opportunity to learn more about the fundamentals and foundations that make up Azure. It's a chance for me to understand more about what people across the Azure organization do and how they do it. Every week we get together at 11 AM Pacific on Microsoft LearnTV and learn more about Azure.

It's been a few weeks, but AzureFunBytes is back with a new episode all about mitigating risk in the cloud by using tools provided by Azure. If you're currently deploying workloads in the cloud, how they handle potential intrusions and attacks is crucial. By preventing these security incidents you can build trust with those who may access your applications and IT solutions.

Microsoft documentation defines the role of the security operations team (also known as the Security Operations Center (SOC), or SecOps) as detecting, prioritizing, and triaging potential attacks. The central SecOps team monitors and analyses security-related telemetry data. Any communication, investigation, or hunting actions must be coordinated with the application team.

This week we'll investigate the use cases for implementing Microsoft Sentinel, the first cloud-native Security Information and Event Management (SIEM) service. Microsoft Sentinel includes a number of connectors for Microsoft solutions that are ready to use and provide real-time integration, such as Microsoft 365 Defender (formerly Microsoft Threat Protection) solutions and Microsoft 365 sources such as Office 365, Azure AD, Microsoft Defender for Identity (formerly Azure ATP), and Microsoft Defender for Cloud Apps, among others. There are also built-in connectors for non-Microsoft security solutions and the broader security ecosystem. You can also link your data sources to Microsoft Sentinel using Common Event Format (CEF), Syslog, or the REST API.

Microsoft Sentinel exists today, in part, because of the gaps in existing tools that were identified as Microsoft began its own journey to the cloud. One of those gaps is around efficiency and scale. In this session, we'll talk about how Microsoft Sentinel was intentionally and mindfully developed to allow security teams to do more things more quickly without a drain on resources.

To help me with my journey into deploying Microsoft Sentinel, I'll be joined this week by Microsoft Senior Cloud Security Advocate Rod Trent to see how we can build SOC efficiency with Microsoft Sentinel. Rod will help me better understand how Microsoft Sentinel delivers intelligent security analytics and threat intelligence across the enterprise.

0:08:52 – Four pillars of Microsoft Sentinel
0:13:34 – Let's learn about Microsoft Sentinel
0:23:50 – Current SOC Efficiency Hunt Complaints
0:28:27 – Can Microsoft Sentinel integrate with other Microsoft security tools?
0:30:40 – Does Microsoft Sentinel only work with Microsoft products and clouds?
0:32:42 – What can be automated in Microsoft Sentinel?