Introduction
You're an administrator for Contoso, a large multi-national organization. Contoso IT management are implementing a shift to Microsoft 365. As part of this process, it's important that IT can maintain control of critical corporate data. As a security administrator at Contoso, you're involved with planning for this data control. You've decided to implement Microsoft Defender for Cloud Apps and you are investigating implementing Microsoft Sentinel or another security information an event management (SIEM) solution.
Learning objectives
After completing this module, you'll be able to:
- Connect Microsoft Sentinel to Microsoft Defender for Cloud Apps.
- Enrich incidents in Microsoft Sentinel with playbooks.
- Triage infrequent country/region requests with Microsoft Defender for Cloud Apps and Microsoft Sentinel.
- Connect a non-Microsoft security information and event management solution to Microsoft Defender for Cloud Apps.