SC-200 part 8: Perform threat hunting in Azure Sentinel
Proactively hunt for security threats using Azure Sentinel's powerful threat hunting tools. This learning path aligns with exam SC-200: Microsoft Security Operations Analyst.
Prerequisites
- Ability to use KQL in Azure Sentinel, as you could learn from SC-200 part 4: Create queries for Azure Sentinel using Kusto Query Language (KQL)
- Knowledge of how to create detections and perform investigations, as you could learn from SC-200 part 7: Create detections and perform investigations using Azure Sentinel
Modules in this learning path
In this module, you'll learn to proactively identify threat behaviors by using Azure Sentinel queries. You'll also learn to use bookmarks and livestream to hunt threats.