Topics

Certifications & Exams

Azure Services

Azure Sentinel

Service Profile Documentation Resources Videos

 

Service Profile
Documentation
Resources
Videos
Learning
Homepage
RSS-Feed
Pricing
Service Level

Documentation

Homepage

Overview

Overview

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

Pricing SLAs

Getting Started

Getting Started

  1. What is Azure Sentinel and why you should care | Azure Tips and Tricks
    12/17/2019, Video, 0:04:00
    In this edition of Azure Tips and Tricks, you'll learn what Azure Sentinel is and how to use it. Azure Sentinel provides a threat detection and mitigation service that helps...
  2. Modernize your SIEM in the cloud with Azure Sentinel
    11/5/2019, Video, 0:45:00
    As the value of digital information increases, so do the number and sophistication of cyberattacks. Traditional SIEM products are failing to protect today's infrastructure...

Videos

Building and deploying web apps with Static Web Apps
0:18:40
12/1/2020, The DevOps Lab
Building and deploying web apps with Static Web Apps
Monitoring AKS with Azure Sentinel
0:14:09
11/17/2020, YouTube: DevOps at Microsoft
Monitoring AKS with Azure Sentinel
Monitoring AKS with Azure Sentinel
0:14:08
11/17/2020, The DevOps Lab
Monitoring AKS with Azure Sentinel
How a global financial institution shuts down cyberthreats at scale with Microsoft Azure Sentinel
0:07:46
11/16/2020, YouTube: IT Ops Talk
How a global financial institution shuts down cyberthreats at scale with...
Azure Master Class Part 9 - Monitoring and Security
1:45:14
11/3/2020, John Savill's Technical Training
Azure Master Class Part 9 - Monitoring and Security
Policy as Code with Terraform and Sentinel
0:06:42
10/27/2020, YouTube: DevOps at Microsoft
Policy as Code with Terraform and Sentinel
more...

Learning

Learning Paths

AZ-400: Develop an instrumentation strategy
AZ-400: Develop an instrumentation strategy
Published: 6/25/2020, Length: 9:41:00
Develop an effective instrumentation strategy through logging, telemetry, and monitoring and prepare for Exam AZ-400: Designing and Implementing Microsoft DevOps Solutions.

Learning Modules

Deploy Azure Sentinel and connect data sources
Deploy Azure Sentinel and connect data sources
Published: 9/21/2020, Length: 0:50:00
Introduction to Azure Sentinel
Introduction to Azure Sentinel
Published: 9/21/2020, Length: 0:29:00
Design a holistic monitoring strategy on Azure
Design a holistic monitoring strategy on Azure
Published: 12/3/2019, Length: 0:57:00
Improve your cloud security posture with Azure Security Center
Improve your cloud security posture with Azure Security Center
Published: 9/8/2020, Length: 0:39:00
more...

Azure Sentinel News

11/30/2020, MS Tech Community
What's New: Azure Sentinel Logic Apps Connector improvements and new capabilities
Azure Sentinel Logic Apps connector is the bridge between Sentinel and Playbooks, serving as the basis of incident automation scenarios. As we prepare for new Incident Trigger capabilities...
11/24/2020, MS Tech Community
Enriching DDoS Protection Alerts with Logic Apps
An ARM template recently posted to the Azure network security GitHub repository has been created to deploy all components necessary for a detailed DDoS Protection alert that gets sent to the...
11/23/2020, MS Tech Community
Azure Marketplace new offers – Volume 96
We continue to expand the Azure Marketplace ecosystem. For this volume, 83 new offers successfully met the onboarding criteria and went live. See details of the new offers...
11/23/2020, MS Tech Community
Continuously Export Secure Score for Over-Time Tracking and Reporting (Preview)
Using continuous export of secure score (preview), you can stream secure score changes in real-time to an Event Hub or a Log Analytics workspace. This will enable you to track secure score over...
11/18/2020, MS Tech Community
Using the VirusTotal V3 API with MSTICPy and Azure Sentinel
MSTICPy, our CyberSec toolset for Jupyter notebooks, has supported VirusTotal lookups since the very earliest days (the earliest days being only around two years ago!). We recently had a...
11/17/2020, MS Tech Community
How to export data from Splunk to Azure Sentinel
Thanks to Preeti Krishna and Alp Babayigit for the great help.   We have published several Blog posts on how Azure Sentinel can be used  Side-by-Side with 3rd Party SIEM tools,  leveraging...
11/12/2020, MS Tech Community
Microsoft 365 Defender connector now in Public Preview for Azure Sentinel
We’re very pleased to announce that the public preview of the new Microsoft 365 Defender connector is now available, alongside a new Azure Sentinel benefit for Microsoft 365 E5 customers!   The...
11/11/2020, MS Tech Community
Hunting for Barium using Azure Sentinel
  Leveraging Indictors of Compromise (IOC) and searching historical data for attack patterns is one of the primary responsibilities of a security monitoring team. Relevant security data for...
11/11/2020, MS Tech Community
Microsoft Insider Risk Management & Communication Compliance - New Announcements & Updates
The Microsoft 365 community is excited to announce new capabilities in Microsoft Insider Risk Management & Communication Compliance to help minimize internal risks by enabling you to detect,...
11/11/2020, MS Tech Community
The Microsoft Cloud App Security (MCAS) Ninja Training is Here!
Welcome to the MCAS Ninja Training! Check out the MCAS Ninja Training video introduction here!   Have you been wanting to secure your cloud resources? Do you have agreements with non-Microsoft...
11/10/2020, MS Tech Community
Monitoring your Logic Apps Playbooks in Azure Sentinel
This blogpost is authored by Itai Norman and Tiander Turpijn. Thanks to the Azure Sentinel PM team for the great help.   In the world of cybersecurity and Security Information and Event...
11/10/2020, MS Tech Community
Announcing Microsoft Endpoint DLP General Availability
Microsoft Endpoint DLP is a unified and integrated experience to protect sensitive information used by information workers every day.   The new reality of significant numbers of employees working...
10/29/2020, MS Tech Community
Insider Threat and Predictive Analytics
With so many external cyber threats facing Government agencies, it can be easy to overlook risks from insiders that may have malicious objectives or that may make unintentional but serious...
10/22/2020, MS Tech Community
Azure Sentinel All-In-One Accelerator
Azure Sentinel All in One is a project designed and developed by @Javier Soriano (Senior Program Manager - Microsoft), @Hesham Saad  (Sr. CyberSecurity Technical Specialist - Microsoft)...
10/22/2020, MS Tech Community
What’s new – Announcing new Azure Sentinel data residency locations: Japan, UK and Canada
This installment is part of a broader series to keep you up to date with the latest features in Azure Sentinel. The installments will be bite-sized to enable you to easily digest the new...
10/21/2020, MS Tech Community
What’s New: Entity Insights for Convenient Investigation Checks is Now in Public Preview
This installment is part of a broader series to keep you up to date with the latest features in Azure Sentinel. The installments will be bite-sized to enable you to easily digest the new...
9/22/2020, Service Updates
Azure Sentinel launches new analytics, threat intelligence, and data collection features
New analytics, threat intelligence, and data collection capabilities in Azure Sentinel empower defenders to combat rapidly evolving threats with increased efficiency.
9/16/2020, Microsoft Azure Blog
Build a scalable security practice with Azure Lighthouse and Azure Sentinel
The Microsoft Azure Lighthouse product group is launching a blog series Azure Lighthouse covering areas where we are investing to make our service provider partners and enterprise customers...