Call : (+91) 968636 4243
Mail : info@EncartaLabs.com
EncartaLabs

MS Azure Sentinel

( Duration: 3 Days )

Azure Sentinel is a next-generation, cloud-native security information & event management (SIEM) system that provides real-time analysis of security alerts generated for cloud and on-premises resources. Sentinel effectively detects threats while automating threat response using orchestration and built-in or custom security playbooks.

In this Azure Sentinel training course, you will learn how to implement and configure Azure Sentinel; connect key services and threat intelligence resources to Sentinel; investigate cases; create security playbooks that automate threat responses; and use search and query tools to hunt for threats.

By attending this Azure Sentinel workshop, delegates will learn:

  • Onboarding Azure Sentinel
  • Connecting Microsoft and third-party services
  • Connecting to threat intelligence resources
  • Detecting suspicious activities
  • Investigating cases
  • Responding to threats
  • Hunting for security threats in your environment

COURSE AGENDA

1. Introduction

  • Introduction to Azure Analytics
  • Introduction to Azure Sentinel
  • Traditional SIEM vs Cloud native SIEM
  • Phases of Azure Sentinel
  • Introduction to Workbook

2. Phase 1: Collect

  • Data Collection
  • Visualization
  • Querying the logs
  • Introduction to Kusto Query Language (KQL)
  • Useful queries in KQL
  • Advanced Queries in KQL

3. Phase 2: Detect

  • Detecting threats using correlation rules
  • Out-of-the-box detection
  • Custom threat detection rules
  • Advanced multistage attack detection
  • Introduction to use cases
  • Real-time use cases for cloud
  • User Behavior related use cases
  • Introduction to Threat hunting
  • Life cycle of Threat hunting
  • Use notebooks to hunt

4. Phase 3: Investigate

  • Introduction to Threat investigation
  • Investigating Incidents
  • Use the investigation graph to deep dive

5. Phase 4: Respond

  • Introduction to SOAR
  • Introduction to playbooks
  • Creating security playbooks
  • Creating logic with the Logic App Designer
  • Threat Response Automation

Encarta Labs Advantage

  • One-stop corporate training solution provider for over 6,000 courses on a variety of subjects
  • All courses are delivered by industry veterans
  • Get jumpstarted from newbie to production-ready in a matter of a few days
  • Trained more than 50,000 Corporate executives across the Globe
  • All our trainings are conducted in workshop mode with more focus on hands-on sessions

View our other course offerings by visiting https://www.encartalabs.com/course-catalogue-all.php

Contact us for delivering this course as a public/open-house workshop/online training for a group of 10+ candidates.
