From Basics to Expert: Monitoring Threats in Azure with Sentinel & Defender
Sub Category
- IT Certifications
Objectives
- Detect and investigate suspicious process executions across multiple devices.
- Write and optimize KQL queries to hunt threats in Microsoft Sentinel and Defender.
- Configure Azure Key Vault log ingestion into Microsoft Sentinel for monitoring.
- Automate remediation of misconfigurations with Defender for Cloud & Workflow Automation.
- Identify unusual outbound traffic and detect potential insider threats.
- Create custom detection rules in Microsoft Defender for Endpoint using file hashes.
- Enforce secure access configurations on Azure Storage accounts.
- Monitor privileged access and administrative actions using Microsoft Entra ID (formerly Azure AD) sign-in and audit logs.
Prerequisites
- Basic understanding of IT security concepts (firewalls, malware, phishing, etc.).
- Familiarity with Microsoft Azure services and cloud fundamentals.
- Access to (or knowledge of) Microsoft Sentinel, Defender for Endpoint, and Defender for Cloud is recommended but not mandatory.
- Curiosity to learn and explore cybersecurity investigation techniques.
FAQ
- Q. How long do I have access to the course materials?
- A. You can view and review the lecture materials indefinitely, like an on-demand channel.
- Q. Can I take my courses with me wherever I go?
- A. Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don't have an internet connection, some instructors also let their students download course lectures. That's up to the instructor though, so make sure you get on their good side!
Coupon Code(s)