
Learn Live - Microsoft Sentinel Fundamentals
Full series information: https://aka.ms/learnlive-202302FT
More info here: https://aka.ms/learnlive-202302FT-Ep15

This episode provides a guide to logically executing a Microsoft Sentinel deployment and highlights some of its key components through demonstration.

Learning objectives
  • Explain Microsoft Sentinel cost
  • Discuss architectural considerations with Microsoft Sentinel
  • Demonstrate how to collect alerts from Microsoft security products into Microsoft Sentinel for a single-pane-of-glass view
  • Unify security tools so they talk to each other, including third-party data connectors and solutions from Content Hub
  • Create visualizations of data using Workbooks
  • Demonstrate and talk through Microsoft Sentinel features across the Collect, Detect, Investigate and Respond process, leveraging User Entity Behavior Analytics (UEBA)
Chapters
  • 00:11 - Welcome and Introduction
  • 01:41 - Learning Materials and Links
  • 02:17 - Learning Objectives
  • 03:52 - Sentinel Phase 1: Collect
  • 04:34 - Sentinel Architecture Design Considerations
  • 07:48 - Sentinel Cost and Pricing
  • 11:27 - Log Analytics Walkthrough - Estimated Cost and Retention
  • 15:09 - Sentinel GitHub and All-in-One Deployment Tool
  • 18:16 - Key Checkpoints in Sentinel Set-up
  • 22:36 - Sentinel Roles and Permissions
  • 25:07 - Content Hub Discussion
  • 29:11 - Data Connectors and Data Ingestion
  • 39:55 - Sentinel Phase 2: Detect
  • 41:55 - User Entity Behavior Analytics and Analytic Rules
  • 47:02 - Out-of-the-box Native and Third-Party Data Source Analytic Rules
  • 51:39 - MITRE ATT&CK Panel - Using it to Choose Analytic Rules
  • 1:03:04 - Sentinel Phase 3: Incident and Alert Investigation
  • 1:10:07 - Incident Enrichment
  • 1:11:41 - Incident Actions and Tasks
  • 1:14:20 - Entity Investigation
  • 1:19:34 - Sentinel Phase 4: Respond
  • 1:20:08 - Watchlists
  • 1:21:07 - Playbooks
  • 1:25:15 - Automation Rules
  • 1:28:11 - Questions and Conclusion

Presenters
  • Andre Murrell, Azure Customer Engineer, Microsoft
  • Simona Kovatcheva, Senior Cloud Security Engineer, Microsoft

Moderator
  • Rudnei Oliveira, Senior Customer Engineer, Microsoft


Microsoft Developer
