Microsoft Security Best Practices module: Security operations

Security Operations monitor the enterprise environment to rapidly identify and remediate risk from active attack operations, sharing insights and threat intelligence from these attacks to the rest of the organization.

See the Security operations and Capabilities topics for more information.

The following videos provide guidance on security operations. You can also download the PowerPoint slides associated with these videos.

Part 1: Introduction - SOC Learnings, Strategies, and Technical Integration (24:30)

Part 2: Azure Alerts (02:36)

Part 3: Alert and Log Ingestion (04:51)

Part 4: Journey to Cloud Analytics (06:05)

Part 5: Security Operations General Guidance (03:42)

Next steps

For additional security guidance from Microsoft, see Microsoft security documentation.