Mastering Microsoft Sentinel – SIEM & SOAR

  • Lectures: 13
  • Students: 1

Mastering Microsoft Sentinel – SIEM & SOAR for Next-Gen SOC

This course structure offers a comprehensive learning journey from the basics of SOC and SIEM to advanced skills in Microsoft Sentinel. It’s suitable for beginners as well as professionals looking to master Microsoft Sentinel in a real-world context.

Chapter 1: Understanding the Security Operations Center (SOC)
• Overview of Traditional vs. Next-Gen SOC
• Roles and Responsibilities in a SOC
• Importance of a SOC in Modern Enterprises

Chapter 2: Introduction to SIEM (Security Information and Event Management)
• What is SIEM?
• How SIEM Works
• Benefits of Using SIEM in a SOC

Chapter 3: Introduction to SOAR (Security Orchestration, Automation, and Response)
• What is SOAR?
• Difference between SIEM and SOAR
• How SOAR Enhances Incident Response

Chapter 4: Introduction to Microsoft Sentinel
• What is Microsoft Sentinel
• Key Features and Benefits

Chapter 5: Setting Up Microsoft Sentinel
• Prerequisites and Licensing
• Connecting to Azure Log Analytics Workspace
• Deployment and Initial Setup

Chapter 6: Data Sources and Connectors
• Types of Data Sources (Cloud, On-Premises, Custom)
• Configuring Data Connectors in Microsoft Sentinel
• Best Practices for Data Ingestion

Chapter 7: Azure Firewall connector for Sentinel
• Deploying & Configuring Azure Firewall
• Connecting Azure Firewall to Sentinel

Chapter 8: Configuring Syslog Server
• What is a Syslog Server
• Setting Up a Syslog Server

Chapter 9: Kusto Query Language (KQL)
• Kusto Query Language Basics
• Getting data

Chapter 10: Analytics Rules
• Analytics rules
• Types of analytics rules

Chapter 11: Simulating a Brute Force Attack & Investigating with Sentinel
• Simulating a Brute Force Attack
• Investigating with Sentinel

Chapter 12: Automation Rule
• Automation in Microsoft Sentinel
• Playbooks in Microsoft Sentinel

Chapter 13: Playbook
• Example of a Playbook

Manoj Verma - CCIE # 43923 is a highly experienced senior technical instructor and network/security consultant. He has been in the networking industry for more than 19 years, with a focus on networking and security for the past 15 years. He has assisted thousands of engineers in obtaining their various certifications, from CCNA to CCIE, CCSA, CCSE, PCNSE, F5, etc., and in learning the latest cutting-edge technologies. He started his career as a system administrator and then switched to the networking and security domain. On the job, he realized that he had a passion for teaching and sharing his knowledge, as he used to teach his colleagues and friends. In his classroom training, he always starts by explaining the theory of a topic, then hands out a short note of key points, and finally ends with a lab implementation.

Nowadays, driving to a training institute to attend classroom sessions is not feasible for everyone owing to workload, odd working hours and rotational shifts, especially for working professionals and those living in different cities and countries. He started getting requests from many students to launch an online training module taught the same way as his classroom sessions. Keeping all this in mind, he designed this self-paced training module, which replicates classroom training. He has brought his years of classroom teaching experience and years of real-world enterprise and service provider experience to designing the training modules. For a better understanding and in-depth knowledge of technologies, reading books or short notes is necessary, and practical knowledge is required to see the theory applied live, so he has included both, which is very unique in the IT training sector.

Price

$110.00
