Module Overview

Overview

Microsoft Sentinel offers a streamlined SIEM with AI-enhanced cloud capabilities for rapid threat detection and response. Integrated with Copilot for Security and the unified SOC platform, which combines SIEM and XDR for end-to-end protection, Microsoft Sentinel enables a more automated SOC, enhancing organizational security with AI and automation across the lifecycle.

Course Modules

Modules

Microsoft Sentinel basic concepts

A Unified SOC with Microsoft Sentinel streamlines cloud fundamentals, analytics, architecture, and multi-cloud data, while enabling SOAR automation, threat intelligence, MITRE ATT&CK, rules, workbooks, and DevOps CI/CD.

Planning the migration

Microsoft Sentinel migration includes workspace design, cost estimation, using solutions, writing KQL queries, and creating threat detection rules.

Microsoft Sentinel basic concepts

SIEM migration involves moving rules, automation, and data, converting dashboards to workbooks, and updating SOC processes for a smooth transition.

Post-migration optimization

Microsoft Sentinel streamlines security with threat detection, hunting, UEBA, automation via rules and playbooks, incident investigation, watchlists, and data connectors.

Optimizing SOC

Streamline SOC operations with a unified experience powered by Security Copilot, including a unified platform demo. Post-migration, enable efficient multi-customer management for enhanced security operations.