Microsoft Azure Sentinel
Microsoft Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.
- Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
- Detect previously undetected threats, and minimize false positives using Microsoft’s analytics and unparalleled threat intelligence.
- Investigate threats with artificial intelligence, and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft.
- Respond to incidents rapidly with built-in orchestration and automation of common tasks.
In the following step-by-step guide you get an overview of Azure Sentinel:
Search for Azure Sentinel in the Azure Portal.
Click on Create
Connect or add your Workspace.
Click on Add Azure Sentinel
Azure Sentinel is added to your workspace.
Security Analytics
Learn more here about Microsoft Azure Monitor analytics queries.
Here you can play with Azure Log Analytics 😉
Here you can collect all your Security Cases
Azure Sentinel Built-in Dashboard Solutions
Azure AD Audit Logs
Linux Machines Security
When you have your Azure Sentinel solutions in place, with alerting rules configured and telemetry and analytics flowing into your workspace, Hunting is the next threat management tool:
Azure Sentinel Hunting
Working with Tags and Collaborating with Teammates
Launching Investigations and Bookmarking
Working with Azure Notebooks for Azure Sentinel
Welcome to the Azure Sentinel repository! This repository contains out-of-the-box detections, exploration queries, hunting queries, dashboards and playbooks to help you get ramped up with Azure Sentinel and provide you with security content to secure your environment and hunt for threats. You can also submit any issues or feature requests as you onboard to Azure Sentinel. For questions and feedback, please contact AzureSentinel@microsoft.com.
Azure Sentinel Notebooks on GitHub
Get started here to configure your Azure Sentinel environment.
Choose your Data Collections for Azure Sentinel Security
Lots of choices are already built in for you.
From here you can create your own Azure Sentinel Analytics alert rules.
Alert Rules
Create alert rules with the right mappings, triggers, scheduling, and response automation.
Add your own playbooks for security response.
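As an added example (not part of the original post), here is the query side of one such scheduled alert rule, with the matching trigger, schedule and entity-mapping settings noted in comments. It assumes the Azure AD data connector is enabled so the SigninLogs table is populated; the threshold of 10 failures is a constructed value you would tune for your environment.

```kusto
// Added example, not from the original post: KQL for a Scheduled analytics rule
// that flags accounts with repeated failed sign-ins from a single IP address.
// Assumes the Azure AD data connector feeds the SigninLogs table.
// Rule settings to pair with this query in the Analytics blade:
//   Run query every: 1 hour        Lookup data from the last: 1 hour
//   Alert trigger: number of results is greater than 0
//   Entity mapping: Account -> UserPrincipalName, IP -> IPAddress
let threshold = 10;        // constructed value: failed attempts per account/IP
let lookback = 1h;         // keep equal to the rule's "lookup data" period
SigninLogs
// the rule's lookback already scopes the data; this filter keeps the query
// correct when you run it by hand in the Logs blade
| where TimeGenerated > ago(lookback)
// ResultType "0" is a successful sign-in; every other code is a failure
| where ResultType != "0"
| summarize FailedCount  = count(),
            FirstAttempt = min(TimeGenerated),
            LastAttempt  = max(TimeGenerated),
            ErrorCodes   = make_set(ResultType)
          by UserPrincipalName, IPAddress
| where FailedCount >= threshold
| project UserPrincipalName, IPAddress, FailedCount, FirstAttempt, LastAttempt, ErrorCodes
```

Each row becomes one alert with the account and IP mapped as entities, so the resulting case carries the context an analyst needs for the Investigation graph.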
Unlock the power of AI for security with Machine Learning
Machine Learning in Azure Sentinel is built-in right from the beginning. We have thoughtfully designed the system with ML innovations aimed to make security analysts, security data scientists and engineers productive. One such innovation is Azure Sentinel Fusion built especially to reduce alert fatigue.
Building your Full Screen Dashboard for Monitoring
More information about Azure Sentinel Intelligent Security:
Start here for free with the Azure Sentinel Preview
Microsoft Azure Sentinel on GitHub
Join Microsoft Azure Monitor & Security for Hybrid IT Community