Microsoft Sentinel Resources

Below, you’ll find resources to help you upskill on Microsoft Sentinel. Content is arranged by increasing levels of complexity (Fundamentals, Associate) followed by other associated essential resources.

 

September 2024 Update📰

Fundamentals

Building a Demo Instance🚀

Use these steps to build a demo instance, which is free for one month:

  1. Microsoft Sentinel All In One: accelerate Microsoft Sentinel deployment and configuration with just a few clicks.
  2. GitHub: Microsoft Sentinel Training Lab
  3. Connect Microsoft Entra to Microsoft Sentinel

Ninja Trainings

Ingestion

Retention

Microsoft Sentinel and Log Analytics offer ingestion & 90-day retention of some data at no cost, including:

  • Azure Activity Logs
  • Microsoft Sentinel Health
  • Office 365 Audit Logs (e.g., SharePoint activity, Exchange activity, Teams)
  • Alerts from Microsoft Defender products (e.g., Microsoft Defender XDR, Microsoft Defender for Cloud, etc.)
  • Azure Information Protection Alerts
  • Microsoft Defender for IoT Alerts

Associate

Azure Lighthouse

Build a Security Operations Center (SOC)

KQL

SOAR

UEBA

MDTI

Notebooks