Published 3/2023
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.80 GB | Duration: 4h 1m
LEARN Microsoft Sentinel with hands-on experience in a FREE lab environment!

What you'll learn
Set up a working Sentinel environment for FREE
Discover different options for data ingestion
Understand the properties of Analytics Rules and see how to create them
Learn about Incident Management in Microsoft Sentinel
Discover different options for Automation in Microsoft Sentinel
Understand the purpose of Workbooks to visualize data
Understand and learn the basics of KQL (Kusto Query Language)
Discover how to use Microsoft Sentinel for Threat Hunting
Learn how to create and update Watchlists for whitelisting reasons
How to respond to CyberSecurity threats
Learn about the importance of Threat Intelligence
Understand privileges and role assignment for Sentinel

Requirements
Free Azure Subscription
Basic Understanding of Cloud
Basic Understanding of CyberSecurity

Description
This Microsoft Sentinel course is designed to help IT professionals understand and utilize the Microsoft Sentinel platform for threat detection and response. The course covers everything from setting up a FREE Azure account to managing and automating the platform, with hands-on demonstrations.

Throughout this course, you will learn how to create and manage Microsoft Sentinel, including the creation of Log Analytics workspaces. You will also explore how to work with incidents and workbooks, as well as how to use the platform's analytics rules, watchlists, and connectors to detect and respond to potential threats.

The course also includes an overview of user and entity behavior analytics, playbook settings, and health monitoring, as well as a discussion of Microsoft Sentinel roles and permissions. You will also learn about threat intelligence, including how to register for threat intelligence feeds and enable threat intelligence in Microsoft Sentinel.

The course features various hands-on labs that will help you better understand how to use the platform. You will learn how to create analytics rules, investigate incidents, hunt for threats, and implement automation. Additionally, you will explore additional functionalities such as Jupyter Notebooks or Sentinel as Code to make the platform even more effective.

Join me on this journey to get hands-on experience with Microsoft Sentinel and level up in your career!

Overview

Section 1: Introduction
Lecture 1 Welcome to the course
Lecture 2 Course content
Lecture 3 About the Instructor
Lecture 4 What is Microsoft Sentinel?

Section 2: Create and Manage Microsoft Sentinel
Lecture 5 Free Azure account
Lecture 6 Demo: Create Resource Group
Lecture 7 Demo: Create Log Analytics Workspace
Lecture 8 Demo: Create Microsoft Sentinel
Lecture 9 General Overview
Lecture 10 Overview of Incidents
Lecture 11 Overview of Workbooks and Hunting
Lecture 12 Overview of Notebooks, Entities, Threat Intelligence and MITRE
Lecture 13 Overview of Content Management and Repositories
Lecture 14 Overview of Connectors, Analytics Rules and Watchlists
Lecture 15 Overview of Automation
Lecture 16 Pricing for Microsoft Sentinel
Lecture 17 Pricing Calculator
Lecture 18 User and Entity Behavior Analytics
Lecture 19 Playbook Settings and Health Monitoring
Lecture 20 Microsoft Sentinel Roles and Permissions
Lecture 21 Demo: Assign Microsoft Sentinel Role

Section 3: Data Connectors
Lecture 22 Options for Data Connectors
Lecture 23 Demo: Enable Data Connector
Lecture 24 Content Hub
Lecture 25 Demo: Content Hub
Lecture 26 Threat Intelligence
Lecture 27 Demo: Register to Threat Intelligence Feed
Lecture 28 Demo: Enable Threat Intelligence
Lecture 29 Demo: Data Retention Settings
Lecture 30 Summary of Data Connectors Module

Section 4: Analytics Rule
Lecture 31 Introduction to Analytics Rules
Lecture 32 Analytics Rules Dashboard
Lecture 33 Properties of Analytics Rules
Lecture 34 Demo: Create Analytics Rule
Lecture 35 MultiStage Attack Detection
Lecture 36 Analytics Rule Conclusion

Section 5: Incident Management
Lecture 37 Incident Management Introduction
Lecture 38 Demo: Trigger Analytics Rule Detection
Lecture 39 Incident Dashboard
Lecture 40 Incident Information Overview
Lecture 41 Demo: Incident Investigation Page
Lecture 42 Demo: Incident Investigation Map
Lecture 43 Demo: Entity Investigation
Lecture 44 Demo: Incident Conclusion

Section 6: Threat Hunting
Lecture 45 Threat Hunting Introduction
Lecture 46 Demo: SolarWind Investigation
Lecture 47 Demo: Hunting for Infected Hosts
Lecture 48 Hunting Dashboard
Lecture 49 Demo: Hunting for Unknown Threats

Section 7: Watchlists
Lecture 50 Watchlists Introduction
Lecture 51 Demo: Create Watchlist
Lecture 52 Demo: Update Watchlist
Lecture 53 Demo: Whitelist IP Addresses in the Analytics Rule

Section 8: Workbooks
Lecture 54 Workbooks Introduction
Lecture 55 Demo: Create Workbook

Section 9: Automation
Lecture 56 Automation Introduction
Lecture 57 Automation Dashboard
Lecture 58 Options for Automation in Sentinel
Lecture 59 Demo: Create Automation Rule
Lecture 60 Demo: Create Automation Rule from Incident Dashboard
Lecture 61 Demo: Playbook Designer
Lecture 62 Automation History
Lecture 63 Demo: VirusTotal Playbook

Section 10: Other Concepts
Lecture 64 Threat Intelligence Dashboard
Lecture 65 Microsoft Sentinel LightHouse
Lecture 66 Jupyter Notebooks
Lecture 67 Sentinel as Code
Lecture 68 Demo: Kusto Query Language

Section 11: Conclusion
Lecture 69 Delete Microsoft Sentinel Environment
Lecture 70 Thank you!

Do you want hands-on experience with SIEM in your CV?
Are you looking to pass Microsoft security related certifications?
Have you been tasked with setting up Microsoft Sentinel in your environment?
Are you looking to become proficient in Microsoft Sentinel?
Security Operations Center (SOC) Analysts
Security Engineers
Cybersecurity Specialists
Network Administrators
IT Managers
System Administrators
IT Consultants
Anyone responsible for managing and maintaining the security of an organization