My intent with my blog here is to cover the “extra stuff” not covered in our docs, so for those that have been alongside with me over the past couple years you’ve read about a lot of the best practices for Azure Sentinel here already.
With Azure Sentinel’s popularity growing by leaps and bounds, it makes sense that customers would start asking for guidance around how best to deploy and use the cloud-based SIEM. And, that guidance should be centralized and part of our docs.
For that reason, the teams have Microsoft have begun to centralize some of the great learning we have gathered both internally and from our customers. That effort has culminated into the following best practices resources:
- General Best Practices: https://cda.ms/2gd
- Best Practices for Deployment: https://cda.ms/2gc
- Best Practices for Data Collection: https://cda.ms/2gg
- Azure Sentinel workspace architecture best practices: https://cda.ms/2h7
[Subscribe to the RSS feed for this blog]
[Subscribe to the Weekly Azure Sentinel Newsletter]