Labs

Log Analytics workspace

Azure Sentinel Linux VM Logs

Azure Sentinel CTI with TAXII

Azure Sentinel Threat Response Automation Rules

Azure Sentinel Watchlists

Course Content

Introduction to Azure Sentinel

Azure Sentinel Overview

What is a SIEM?

Introduction to Azure Sentinel

Key Features

Log Analytics Workspaces

VM Logs using AMA & DCR

Introduction to Data Connectors

Content Hub

Overview of Azure Monitoring Agents (AMA) and Dependency Agents (DA)

Data Collection Rules (DCR) 

How They Work Together?

Kusto Query Language (KQL)

Analytical Rules in Azure Sentinel

What Are Analytical Rules?

Types of Analytical Rules

Cyber Threat Intelligence (CTI)

Introduction to TAXII Protocol

How TAXII Integrates with Azure Sentinel (CTI Workflow)

Automated Rules

Watchlists

This course offers a comprehensive exploration of Azure Sentinel, Microsoft's cloud-native Security Information and Event Management (SIEM) solution.

Designed for cybersecurity professionals, it covers Azure Sentinel’s architecture, advanced features, and integration capabilities. Participants will learn to connect various data sources using built-in and custom data connectors, master Kusto Query Language (KQL) for data analysis, and implement analytical rules, including Near Real-Time (NRT) and machine learning-based rules, to effectively detect and respond to security incidents.

In addition, the course delves into the ingestion of cyber threat intelligence through TAXII and PulseDrive, streamlining threat detection and response. It also covers automation rules for efficient incident management and the use of watchlists to enhance threat detection capabilities. 

Through hands-on labs and real-world use cases, participants will gain practical experience in deploying and managing Azure Sentinel, equipping them with the skills needed to strengthen their organization's security operations.

Intermediate
4 Hours
8 Lessons
5 Cloud Labs
Learning path: Azure Security

Azure Sentinel: A Comprehensive Guide to Cloud-Native SIEM

Ideal for
Security Architect
Security Champion
Security Engineer
Developer

Copyright AppSecEngineer © 2025