Azure Sentinel 5 hours Online Workshop


This 5-hour workshop contains theoretical and practical parts. It is designed to help you start working with Azure Sentinel.

Consider Azure Sentinel – 5 hours Online Workshop.

Azure Sentinel is a Security Information and Event Management (SIEM) and Security Orchestration and Automated Response (SOAR) system in Microsoft's public cloud platform. It provides a single solution for alert detection, threat visibility, proactive hunting, and threat response. It collects data from different sources, correlates it, and visualizes the processed data in one dashboard. It collects, detects, investigates, and responds to security threats and incidents.

This 5-hour Azure Sentinel workshop contains theoretical and practical parts. It is designed to give your team knowledge and recommendations on the possible infrastructure benefits that you will get with Microsoft Sentinel. You will discover what Sentinel is and where it can be useful for you; what tasks Sentinel solves most effectively; the advantages of native integration with cloud solutions; the benefits of a single tool to control the security of the entire IT infrastructure; monitoring and automated response to cyber-attacks in a single solution; the cost of licensing, the pricing model and cost scenarios; and a practical demonstration of how the system works, what it consists of, an example of a cyber-attack investigation, and a lot more.

Workshop agenda

  1. Architecture overview (technical, licensing, integration with native & 3rd-party security solutions)
  2. Available connectors & raw logs management
  3. Security alerts & incidents detection, events correlation
  4. Real case investigation example
  5. Cost scenarios
  6. Threat hunting
  7. SOAR: example of basic automation via Azure Logic Apps
  8. Reporting

Workshop target audience

The workshop is for companies looking for a tool that helps detect, investigate, and respond to threats if any are found; catches potential issues more quickly and uses machine learning to reduce threats and capture unusual behaviors; and saves IT teams time and effort on maintenance.

Relevant roles for the workshop: CTO, Chief Information Security Officer, Cyber Security Architect, Information Security Consultant, Security Architect, Business Information Security Officer, IT Security Engineer, Head of Information Security Manager, Information Security Officer, Security Analyst, Director of Information Security.

Preferred format: 1:1; the number of participants from the customer side is not limited.

"We realized right away that Azure Sentinel offered a completely different experience. We could onboard our logs from Azure and Office 365 in literally one click. We configured 80 percent of our logs to feed into Azure Sentinel within one month versus 18 months with ArcSight."

Ryan Smith, Manager of IT Security and Operations at First West Credit Union