MICROSOFT SENTINEL TRAINING IN PUNE | ONLINE
Duration of Training: 32 hrs
Batch type: Weekdays/Weekends
Mode of Training: Classroom/Online/Corporate Training
Module 1: Introduction to Azure Sentinel
- Overview of Azure Sentinel.
- Understanding the role of a SIEM and SOAR solution in cybersecurity.
- Azure Sentinel architecture and components.
Module 2: Data Ingestion and Data Connectors
- Configuring data connectors to collect data from various sources.
- Data ingestion best practices.
- Common data sources and their connectors.
Module 3: Data Queries and Investigations
- Introduction to Kusto Query Language (KQL).
- Writing queries to analyze and investigate security data.
- Creating custom workbooks for data visualization.
Module 4: Alerts and Incidents Management
- Creating and managing security alerts in Azure Sentinel.
- Incident management and response workflows.
- Automation and orchestration of incident response tasks.
Module 5: Threat Intelligence and Threat Detection
- Incorporating threat intelligence feeds into Azure Sentinel.
- Customizing and fine-tuning threat detection rules.
- Behavioral analytics and anomaly detection.
Module 6: Integration with Azure and Third-Party Services
- Integrating Azure services like Azure Active Directory and Azure Security Center.
- Connecting third-party security solutions.
- Using Logic Apps and Playbooks for automation.
Module 7: User and Entity Behavior Analytics (UEBA)
- Understanding UEBA in Azure Sentinel.
- Detecting and responding to suspicious user and entity activities.
- Behavioral profiling and analysis.
Module 8: Compliance and Reporting
- Generating compliance reports.
- Meeting regulatory and compliance requirements.
- Auditing and monitoring in Azure Sentinel.
Module 9: Advanced Threat Hunting
- Proactive threat hunting techniques.
- Building custom threat hunting queries.
- Leveraging advanced hunting tools and capabilities.
Module 10: Security Orchestration and Automation
- Designing and automating security workflows.
- Creating and managing playbooks.
- Integration with Azure Logic Apps.
Module 11: Azure Sentinel Deployment and Scaling
- Deployment options for Azure Sentinel.
- Scaling Azure Sentinel for large-scale environments.
- Best practices for managing a Sentinel workspace.
Module 12: Real-World Scenarios and Use Cases
- Analyzing real-world cybersecurity scenarios.
- Creating solutions for specific security challenges.
- Case studies and hands-on exercises.
Module 13: Azure Sentinel Certification Preparation
- Overview of Azure Sentinel certification (if available).
- Tips and resources for certification exam preparation.