MEAPSA

Threat hunting with Microsoft Sentinel

In this module, you'll learn to proactively identify threat behaviors by using Microsoft Sentinel queries. You'll also learn to use bookmarks and livestream to hunt threats.

Security Operations Analyst

Solution Architect

Azure

Microsoft Sentinel

Module Objectives

In this module, you will:

Use queries to hunt for threats.
Save key findings with bookmarks.
Observe threats over time with livestream.

Units

Introduction min
Exercise setup min
Explore creation and management of threat-hunting queries min
Save key findings with bookmarks min
Observe threats over time with livestream min
Exercise - Hunt for threats by using Microsoft Sentinel min
Summary min

Prerequisites

Familiarity with security operations in an organization.
Basic experience with Azure services.
Basic knowledge of operational concepts such as monitoring, logging, and alerting.
Basic Microsoft Sentinel functionality.
Access to a Microsoft Azure subscription for exercise tasks.