Azure Sentinel Certification Training Course

Azure Sentinel Certification Training Course Overview

Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyse large volumes of data across an enterprise—fast. Azure Sentinel aggregates data from all sources, including users, applications, servers and devices running on-premises or in any cloud, letting you reason over millions of records in a few seconds. It includes built-in connectors for easy onboarding of popular security solutions. Collect data from any source with support for open standard formats like CEF and Syslog.

Azure Sentinel Certification Training Course (Duration: 24 Hours)

Live Virtual Classroom
Group Training 1150
04 - 06 Oct 09:00 AM - 05:00 PM CST
(8 Hours/Day)

01 - 03 Nov 09:00 AM - 05:00 PM CST
(8 Hours/Day)

1-on-1 Training (GTR) 1300
4 Hours
8 Hours
Week Days

Start Time : At any time

GTR=Guaranteed to Run
Classroom Training (Available: London, Dubai, India, Sydney, Vancouver)
Duration : On Request
Fee : On Request

Course Modules

Phase 1: Collect
  • Introduction to Azure Analytics
  • Introduction to Azure Sentinel
  • Traditional SIEM vs Cloud native SIEM
  • Phases of Azure Sentinel
  • Data Collection
  • Visualization
  • Querying the logs
  • Introduction to Kusto Query Language (KQL)
  • Useful Queries in KQL
  • Advanced Queries in KQL
Phase 2: Detect
  • Detecting Threats using Correlation Rules
  • Out of the box Detection
  • Custom threat detection rules
  • Advanced multistage attack detection
  • Intro to Use cases
  • Real time use cases for Cloud
  • User Behavior related use cases
  • Introduction to Threat hunting
  • Life cycle of Threat hunting
  • Use Notebooks to hunt
Phase 3: Investigate
  • Introduction to Threat investigation
  • Investigating Incidents
  • Use the investigation graph to deep dive
Phase 4: Respond
  • Introduction to SOAR
  • Introduction to Playbooks
  • Creating Security Playbooks
  • Creating Logic through Logic App Designer
  • Threat Response Automation

Course Prerequisites

Participants must have a basic understanding of the Azure cloud and of security operations in general.