Microsoft Sentinel From Zero To Hero - Job Related Training

Microsoft Sentinel Tutorial - Step by step configuration. You will learn all the steps required to setup fully product.

What you'll learn

How to become a Security Engineer learning Microsoft Sentinel

How to become a SOC Analyst

What is Microsoft Sentinel

SIEM and SOAR Features in Microsoft Sentinel

What are the Core Components of Microsoft Sentinel

Requirements

Basic Knowledge of Operating Systems, Computer Networks and Security

At least 1 year of experience in the field of IT to make the most of this case

Familiarity with Microsoft Azure Platform

Description

Master Microsoft Sentinel with our comprehensive training program, designed to take you from the fundamentals to an advanced level. Gain the skills to seamlessly set up alerts and efficiently ingest data from diverse sources into Microsoft Sentinel, unlocking the full potential of this powerful security information and event management (SIEM) solution. Elevate your expertise and safeguard your digital landscape with hands-on learning, ensuring you're equipped to navigate the complexities of modern cybersecurityMicrosoft Sentinel, now known as Azure Sentinel, is a cloud-native Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solution offered by Microsoft. It is designed to provide advanced threat detection, investigation, and response capabilities.This course is all about how did I setup Microsoft Sentinel for my various project. We are going to cover.What is a SIEM and How does it workSIEM ArchitectureSentinel ArchitectureWhat is Microsoft Sentinel covering both non-technical and technical overview. Steps required for the deployment.Different use casesHow does log collection works and how to set it upHow to work with Data connectors in SentinelHow to setup alerts in SentinelWhat are different rules templates available to how to make use of rule templatesWorking with Security Analytics in Sentinel

Overview

Section 1: What is a SIEM

Lecture 1 Introduction

Lecture 2 What is a SIEM - An Overview

Lecture 3 Microsoft Sentinel For SOC Analyst

Lecture 4 How Does A SIEM Work

Lecture 5 What is the use of SIEM

Lecture 6 Microsoft Sentinel- A High Level Technical Overview

Section 2: Exploring Microsoft Sentinel

Lecture 7 Microsoft Sentinel Dashboard Overview

Lecture 8 MS Sentinel SIEM Architecture

Lecture 9 Sentinel Architecture - Sentinel Workspace

Section 3: MS Sentinel Overview and 3rd Party Integration

Lecture 10 Importance of SIEM in Cloud Computing - Cloud Security

Lecture 11 Support for 3rd party Integration and Log Ingestion

Section 4: Microsoft Sentinel End to End Solution For Your Security Operations

Lecture 12 Sentinel-For Security Operations

Section 5: Microsoft Sentinel Prerequisites

Lecture 13 MS Sentinel Prerequisites and Planning

Section 6: MS Sentinel Deployment Cases

Lecture 14 Deployment Case 1 - Architecture for M365

Lecture 15 Deployment Case 2 - Architecture for M365 and other Devices

Lecture 16 Exploring More Scenario - Collecting from Networks

Section 7: Understanding Log Collection in Sentinel and Any other SIEM Tool

Lecture 17 What is log collection

Section 8: LAB - How to setup and work with data connectors in MS Sentinel

Lecture 18 LAB-Data Connectors and Log Analytics Workspace

Lecture 19 LAB- Setting up Azure and Office 365 Data Connectors

Section 9: LAB - Microsoft Sentinel Analytics

Lecture 20 What are Security Alerts in Sentinel

Lecture 21 LAB - Understading different type of alerts

Lecture 22 LAB - Creating Alerts in Sentinel

Lecture 23 LAB - Setup Alerts from Content Hub - step by step

Section 10: LAB - Creating Rules from Security Templates

Lecture 24 LAB -Understanding High Severity Alerts. How to setup

Section 11: Sentinel Config Labs - Setting up Data Connectors and Content Hub

Lecture 25 LAB - How to setup Data Connectors and Content Hub

Lecture 26 LAB - Data Connectors and Log Analytics Workspace in Microsoft Sentinel

Lecture 27 LAB - Setting up Azure and Office 365 Data Connectors in Microsoft Sentinel

Section 12: Labs - Creating Security Alerts and Analytics in MS Sentinel

Lecture 28 LAB - Creating Security Alerts in Microsoft Sentinel

Lecture 29 LAB - Creating NRT (Near Real-Time) Alerts for PIM Elevation

Lecture 30 LAB - NRT Alert for Modified Domain Federation for ADFS

Lecture 31 LAB - NRT Alert for Azure DevOps Audit

Lecture 32 LAB - Setting up Alert for Log4J Using Azure WAF

Lecture 33 LAB - Alert for User Agent Search for Log4j

Lecture 34 LAB - Alert for Vulnerable Machines related to Log4j

Lecture 35 LAB - Log4j Vulnerability Exploit aka Log4Shell IP IOC

Section 13: Summary

Lecture 36 Summary

Anyone who wants to become a Security Engineer,Security Architects,Security analyst,Az-500 Aspirants,Security Operations,Cyber Security Professional