Overview

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

Getting Started

  1. 12/17/2019, Video, 0:04:00
    In this edition of Azure Tips and Tricks, you'll learn what Azure Sentinel is and how to use it. Azure Sentinel provides a threat detection and mitigation service that helps...
  2. 11/5/2019, Video, 0:45:00
    As the value of digital information increases, so do the number and sophistication of cyberattacks. Traditional SIEM products are failing to protect today's infrastructure...

Learning

Learning Paths

AZ-400: Develop an instrumentation strategy
Published: 6/25/2020, Length: 9:41:00
Develop an effective instrumentation strategy through logging, telemetry, and monitoring and prepare for Exam AZ-400: Designing and Implementing Microsoft DevOps Solutions.

Learning Modules

Deploy Azure Sentinel and connect data sources
Published: 9/21/2020, Length: 0:50:00
Introduction to Azure Sentinel
Published: 9/21/2020, Length: 0:29:00
Design a holistic monitoring strategy on Azure
Published: 12/3/2019, Length: 0:57:00

Azure Sentinel News

11/30/2020, MS Tech Community
Azure Sentinel Logic Apps connector is the bridge between Sentinel and Playbooks, serving as the basis of incident automation scenarios. As we prepare for new Incident Trigger capabilities...
11/24/2020, MS Tech Community
An ARM template recently posted to the Azure network security GitHub repository has been created to deploy all components necessary for a detailed DDoS Protection alert that gets sent to the...
11/23/2020, MS Tech Community
We continue to expand the Azure Marketplace ecosystem. For this volume, 83 new offers successfully met the onboarding criteria and went live. See details of the new offers...
11/23/2020, MS Tech Community
Using continuous export of secure score (preview), you can stream secure score changes in real-time to an Event Hub or a Log Analytics workspace. This will enable you to track secure score over...
11/18/2020, MS Tech Community
MSTICPy, our CyberSec toolset for Jupyter notebooks, has supported VirusTotal lookups since the very earliest days (the earliest days being only around two years ago!). We recently had a...
11/17/2020, MS Tech Community
Thanks to Preeti Krishna and Alp Babayigit for the great help. We have published several Blog posts on how Azure Sentinel can be used Side-by-Side with 3rd Party SIEM tools, leveraging...
11/12/2020, MS Tech Community
We’re very pleased to announce that the public preview of the new Microsoft 365 Defender connector is now available, alongside a new Azure Sentinel benefit for Microsoft 365 E5 customers! The...
11/11/2020, MS Tech Community
Leveraging Indicators of Compromise (IOC) and searching historical data for attack patterns is one of the primary responsibilities of a security monitoring team. Relevant security data for...
11/11/2020, MS Tech Community
The Microsoft 365 community is excited to announce new capabilities in Microsoft Insider Risk Management & Communication Compliance to help minimize internal risks by enabling you to detect,...
11/11/2020, MS Tech Community
Welcome to the MCAS Ninja Training! Check out the MCAS Ninja Training video introduction here! Have you been wanting to secure your cloud resources? Do you have agreements with non-Microsoft...
11/10/2020, MS Tech Community
This blogpost is authored by Itai Norman and Tiander Turpijn. Thanks to the Azure Sentinel PM team for the great help. In the world of cybersecurity and Security Information and Event...
11/10/2020, MS Tech Community
Microsoft Endpoint DLP is a unified and integrated experience to protect sensitive information used by information workers every day. The new reality of significant numbers of employees working...
10/29/2020, MS Tech Community
With so many external cyber threats facing Government agencies, it can be easy to overlook risks from insiders that may have malicious objectives or that may make unintentional but serious...
10/22/2020, MS Tech Community
Azure Sentinel All in One is a project designed and developed by @Javier Soriano (Senior Program Manager - Microsoft), @Hesham Saad (Sr. CyberSecurity Technical Specialist - Microsoft)...
10/22/2020, MS Tech Community
This installment is part of a broader series to keep you up to date with the latest features in Azure Sentinel. The installments will be bite-sized to enable you to easily digest the new...
10/21/2020, MS Tech Community
This installment is part of a broader series to keep you up to date with the latest features in Azure Sentinel. The installments will be bite-sized to enable you to easily digest the new...
9/22/2020, Service Updates
New analytics, threat intelligence, and data collection capabilities in Azure Sentinel empower defenders to combat rapidly evolving threats with increased efficiency.
The Microsoft Azure Lighthouse product group is launching a blog series Azure Lighthouse covering areas where we are investing to make our service provider partners and enterprise customers...