For those that want a good kickstart on learning Azure Sentinel over the holiday, Microsoft has recently finalized the full set of Learn modules. For the past couple months the only module available was an Introduction session, but now the following modules make out the full list:
- Introduction to Azure Sentinel
- Deploy Azure Sentinel and connect data sources
- Threat detection with Azure Sentinel analytics
- Security incident management in Azure Sentinel
- Threat hunting with Azure Sentinel
- Threat response with Azure Sentinel playbooks
- Query, visualize, and monitor data in Azure Sentinel
I highly recommend not skipping any, but instead just dig in and complete the series from Step 1 to the end.
Microsoft Learn modules are awesome ways to learn at your own pace. A good number of the modules have a couple questions to test your knowledge before you can move on. When you pass a module don’t be too shy to share your accomplishment with the world. Make sure to use the #AzureSentinel hashtag when you use the sharing feature so I can congratulate you.
Start your journey here: https://docs.microsoft.com/en-us/learn/paths/security-ops-sentinel/
And, hey…once you’re done with this, hit-up your Microsoft rep for a deeper-dive workshop. Mention my name and I might be the one to deliver your workshop.