Reply
Microsoft

Become an Azure Sentinel Ninja: The complete level 400 training

This training program includes 16 modules. For each module, the post includes a presentation, preferably recorder (when still not, we are working on the recording) as well as supporting information: relevant product documentation, blog posts, and other resources. 

 

The modules listed below are split into five groups following the life cycle of a SOC:

 

Overview

- Module 1: Technical overview

- Module 2: Azure Sentinel role

Designing  Your Deployment

- Module 3: Cloud architecture and multi-workspace/tenant support

- Module 4: Collecting events

- Module 5: Log Management

- Module 6: Integrating threat intelligence

Creating Content

- Module 7: Kusto Query Language (KQL) - the starting point

- Module 8: Writing rules to implement detection

- Module 9: Creating playbooks to implement SOAR

- Module 10: Creating workbooks to implement dashboards and apps

- Module 11: Implementing use cases

Security Operations

- Module 12: A day in a SOC analyst's life, incident management, and investigation

- Module 13: Hunting

Advanced Topics

- Module 14: Automating and integrating 

- Module 15: Roadmap - since it requires an NDA, contact your Microsoft contact for details.

- Module 16: Where to go next?

 

https://techcommunity.microsoft.com/t5/azure-sentinel/become-an-azure-sentinel-ninja-the-complete-level-400-training/ba-p/1246310#

0 REPLIES 0