Azure Sentinel
Most of our classroom training courses take place in Belgium (Edegem) or The Netherlands (Breda).
1,5 days
This course is intended for anyone who wants to learn more about Azure Sentinel and how to implement it in their organization. This is a level 400 training, so we’ll eventually dive deep into this topic. We will start with a basic overview of what Azure Sentinel is, then go deeper into deploying Azure Sentinel in your environment and into event and log management. We’ll also give you an understanding of the KQL language and how to use it for advanced hunting and writing playbooks. At the end of the training, we’ll dive into the automation part of Azure Sentinel.
This training is valuable for IT engineers, IT administrators, security engineers, security administrators and architects.
After this training, you will be able to:
Deploy Azure Sentinel in your environment
Understand the KQL language
Start automation with Azure Sentinel
Basic knowledge of on-premises environments
Basic knowledge of the Azure Platform (IaaS – PaaS – SaaS)
Technical overview
Cloud architecture
Events
Logs
Integrating
KQL
Rules
Playbooks
Use cases
Hunting
Automation
Roadmap