Introduction
Imagine that you work as a security operations center (SOC) analyst. Your organization wants to advance its security-management capabilities. The business has already started moving some workloads to the public cloud.
You've been asked to evaluate security information and event management (SIEM) solutions that can help in both an on-premises and a multicloud environment. You've heard about Microsoft Sentinel and want to find out whether it could be the right SIEM solution for your business.
Ideally, you'd select a service that provides the features and functionality that you need, with minimal administration and a flexible pricing model.
Microsoft Sentinel offers exactly those benefits.
In this module, you'll explore Microsoft Sentinel and discover why and when to use it. You'll investigate the key features and capabilities of Microsoft Sentinel, including how and when to deploy it.
Learning objectives
By the end of this module, you'll be able to:
- Identify the various components and functionality of Microsoft Sentinel.
- Identify use cases where Microsoft Sentinel would be a good solution.
Prerequisites
- Familiarity with security operations in an organization
- Basic experience with Azure services