Deploy Azure Sentinel in a corporate environment

We will deploy Azure Sentinel and the entire Azure Security Stack, services that are natively supported by Azure Sentinel. During the training we will show you what to avoid, how to work with the tool and how to integrate data sources (for example from your Powershell or Python scripts). Together we will create correlation rules, try to touch the attack detection and find out the speed of response and detection with the Azure Sentinel system, which is not only Cloud Based SIEM, but also SOAR (a tool for orchestration of remediation detection in your cloud or local environment). The advantage of the training is that the theoretical part makes up only 25% of the training and the rest are practical demonstrations and hand-on exercises in which you will learn to work with the Azure Sentinel. 

Basic knowledge of cyber security, knowledge of Microsoft Cloud (Office365 and Azure), knowledge of Windows Server and basic knowledge of Linux.

The course is intended for security administrators and analysts, or security specialists who are considering the deployment of a modern SIEM system using AI/ML.

• Deploy Azure Sentinel
• Deploy Azure Security Stack
• What to avoid, how to work with the tool
• How to integrate data sources (eg from Powershell, Python scripts)
• Creating correlation rules
• Attack detection
• Response rate detection and detection with Azure Sentinel
• Practical examples of hand-on exercises 

Materials in electronic form. 

The goal of the training is to get to know the Azure Sentinel and how to avoid or solve any problems associated with the deployment of the Azure Sentinel service.