AZ-900 Certification Notes

Chapter 10.8 - Azure Sentinel (Supplemental)

The What and the How

Sentinel is a security information and event management (SIEM) tool.

  • Step 1: Data Collection
  • Step 2: Aggregation and Normalization
  • Step 3: Analysis and Threat Detection
  • Step 4: Things Happen (Mostly Magic)
  • Step 5: Take Action

Sentinel will do 90% of the heavy lifting before you even start investigating a potential security alert.
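To make the five steps concrete, here is a small Python pipeline added to these notes (it is example code written for this chapter, not Microsoft's or Sentinel's own code). It collects constructed Azure sign-in and AWS CloudTrail-style events, normalizes both into one record shape, and runs a single detection across them; the event shapes, field names and thresholds are assumptions loosely modeled on those sources.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Step 1 (Data Collection): constructed sample events from two sources. The field
# names are loosely modeled on SigninLogs and CloudTrail, not the exact schemas.
AZURE_SIGNINS = [  # constructed sample data
    {"TimeGenerated": "2024-05-01T10:00:00Z", "UserPrincipalName": "alice@contoso.example", "ResultType": "50126", "IPAddress": "203.0.113.5"},
    {"TimeGenerated": "2024-05-01T10:02:00Z", "UserPrincipalName": "alice@contoso.example", "ResultType": "50126", "IPAddress": "203.0.113.5"},
    {"TimeGenerated": "2024-05-01T11:30:00Z", "UserPrincipalName": "bob@contoso.example", "ResultType": "0", "IPAddress": "198.51.100.9"},
]
AWS_CLOUDTRAIL = [  # constructed sample data
    {"eventTime": "2024-05-01T10:04:00Z", "userIdentity": {"userName": "alice"}, "eventName": "ConsoleLogin",
     "responseElements": {"ConsoleLogin": "Failure"}, "sourceIPAddress": "203.0.113.5"},
    {"eventTime": "2024-05-01T10:05:00Z", "userIdentity": {"userName": "alice"}, "eventName": "ConsoleLogin",
     "responseElements": {"ConsoleLogin": "Success"}, "sourceIPAddress": "203.0.113.5"},
]

def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")

# Step 2 (Aggregation and Normalization): map both shapes onto one common record.
def normalize_azure(e):
    return {"time": _ts(e["TimeGenerated"]), "source": "azure", "user": e["UserPrincipalName"].split("@")[0],
            "ip": e["IPAddress"], "outcome": "success" if e["ResultType"] == "0" else "failure"}

def normalize_aws(e):
    return {"time": _ts(e["eventTime"]), "source": "aws", "user": e["userIdentity"]["userName"],
            "ip": e["sourceIPAddress"], "outcome": e["responseElements"]["ConsoleLogin"].lower()}

def collect_and_normalize():
    events = [normalize_azure(e) for e in AZURE_SIGNINS] + [normalize_aws(e) for e in AWS_CLOUDTRAIL]
    return sorted(events, key=lambda r: r["time"])  # one time-ordered stream across both clouds

# Step 3 (Analysis and Threat Detection): alert when one source IP has at least
# `threshold` failed logins inside `window` and then succeeds, whichever cloud saw them.
def detect_spray_then_success(events, threshold=3, window=timedelta(minutes=10)):
    alerts, failures = [], defaultdict(list)
    for r in events:
        recent = [t for t in failures[r["ip"]] if r["time"] - t <= window]  # drop failures outside the window
        failures[r["ip"]] = recent
        if r["outcome"] == "failure":
            failures[r["ip"]].append(r["time"])
        elif len(recent) >= threshold:
            alerts.append({"ip": r["ip"], "user": r["user"], "failures": len(recent), "succeeded_in": r["source"]})
    return alerts

# Step 5 (Take Action): each alert drives a response; here just a proposed playbook step.
def respond(alerts):
    return [f"block {a['ip']} and force a credential reset for {a['user']}" for a in alerts]
```

Running detect_spray_then_success(collect_and_normalize()) raises one alert: the failures seen in Azure and the one seen in AWS only add up to a suspicious burst once both feeds are normalized into the same stream.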

Benefits and Features

  • Behavioral Analytics
    • Sentinel uses artificial intelligence to learn what normal activity looks like, so it can flag detected behavior that is unusual
  • AWS Integration
    • Data from AWS services can be fed directly into Sentinel. This gives you one approach for threat detection across your multi-cloud infrastructure
  • Cloud Scale
    • Sentinel can take advantage of Azure's cloud scale to deliver more accurate results quickly