The Azure Sentinel Ninja training is not static; it is updated continuously. If you want to refresh your knowledge and catch up, here is the list of updates:
Module 2: How is Azure Sentinel used?
- Side-by-side use: We are working hard to enhance our support for side-by-side deployment alongside a 3rd party SIEM or a ticketing system. “Sending alerts enriched with supporting events from Azure Sentinel to 3rd party SIEMs” will significantly enhance your side-by-side integration.
- MSSPs: a new blog post covers Protecting MSSP’s Intellectual Property in Azure Sentinel
- We also started collecting customer stories in this section. You might find useful the blog post by Stuart Gregg, Security Operations Manager @ ASOS, on his experience with Azure Sentinel, focusing on hunting.
Module 3: Cloud architecture and multi-workspace/tenant support
- We finally documented our cross-workspace capabilities: Extend Azure Sentinel across workspaces and tenants
- A new blog post goes into depth regarding resource RBAC, which enables multiple teams to use a single workspace.
Module 6: Threat Intelligence
Module 7: KQL
Module 8: Write rules
Module 11: Use cases
Use cases focus: working from home.
- Windows Virtual Desktop
- Microsoft Endpoint Manager / Intune
- Integrate the Microsoft COVID-19 threat feed
Module 13: Hunting
Module 14: Extending and integrating Azure Sentinel
Module 15: Roadmap
We have an exciting new roadmap! Since roadmap information is provided under NDA, reach out to your Microsoft account team to discuss an Azure Sentinel roadmap presentation.