Technical Playbook for Azure Sentinel MSSPs and Multi-tenant Organizations

Congrats to the Microsoft Azure Sentinel team for putting together a full playbook for partners and large multi-tenant organizations.


This document informs Microsoft partners researching how to integrate Azure Sentinel into their portfolio of services. It is written through the lens of Implementers & SOC architects who seek a distilled technical walkthrough of:

  • Azure Sentinel’s capabilities
  • Technical dependencies
  • Data collection models
  • Multi-tenant management
  • Threat detection & analytics
  • Investigation processes
  • Strategies for automated response
  • Activity summaries and reports
  • Cost models and data storage

Beyond MSSPs, this document aims to guide large organizations and institutions who operate security operations within environments requiring multi-tenant architectures.

Accessible at the following link:

