search

Functionality and Usage of Microsoft Sentinel

https://www.youtube.com/watch?v=xaqiPXL6tz0&list=PLlVtbbG169nED0_vMEniWBQjSoxTsBYS3&index=35

SIEM - Security Information Event Management

  • Helps find various threats or exposures

SOAR - Security Orchestration Automation Response

  • Automatically respond to events

Microsoft Sentinel takes care of the above two bullet points

  • Sits on top of a Log Analytics Workspace

    • It sits on top of this because all of the information is already flowing through here typically

  • Looks at all the logs and signals and adds intelligence on top to give you meaningful insight

PreviousFunctionality and Usage of Key VaultNextAzure Dedicated Host

Last updated