MEAPSA

Security incident management in Microsoft Sentinel

Learn about security incidents, incident evidence and entities, incident management, and how to use Microsoft Sentinel to handle incidents.

Security Operations Analyst

Azure

Microsoft Sentinel

Module Objectives

Learn about security incidents and Microsoft Sentinel incident management.
Explore Microsoft Sentinel incident evidence and entities.
Use Microsoft Sentinel to investigate security incidents and manage incident resolution.

Units

Introduction min
Exercise - Set up the Azure environment min
Understand incidents min
Incident evidence and entities min
Incident management min
Exercise - Investigate an incident min
Summary min

Prerequisites

Familiarity with security operations in an organization.
Basic experience with Azure services.
Basic knowledge of operational concepts, such as monitoring, logging, and alerting.
Basic knowledge of Microsoft Sentinel rules.