Last Updated Sep 2025Microsoft Sentinel is your bird's-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames. In this training you will learn how to deploy and connect this SIEM and SOAR solution to different data sources. You will learn how to use intelligent security analytics and threat intelligence capabilities for attack detection, threat visibility, proactive hunting, and threat response
Duration - 12 Hours
Level - Advanced
Style - Self paced
Target Audience - Project Ready with Labs
Certification - No
Hands on Labs - Yes
Solution Areas - Security, Protect cloud, AI Platform and Apps
ESI Course Code - DW-340
In this module, Learn to Design your Microsoft Sentinel workspace architecture, Manage roles and permissions, Enable data connectors using a content hub, Deploy a log forwarder to ingest Syslog and CEF logs to Microsoft Sentinel, Understand security coverage by the MITRE ATT&CK® framework, Connect Microsoft Sentinel to Amazon Web Services to ingest AWS service log data and AWS S3 connector – architecture overview.
In this module, you will learn about Introduction to Microsoft content hub solutions, Introduction to Threat Intelligence in Microsoft Sentinel, connect your threat intelligence platform to Microsoft Sentinel, Work with threat indicators, Detect Threat and Analyse Data, investigating incidents and Using Workbooks to investigate threats.
In this module, you will learn about Introduction to User and Entity Behavior Analytics (UEBA), UEBA analytics architecture, Enable UEBA, Anomalies detected by UEBA, Querying UEBA, Investigating with UEBA.
In this module, you will learn about Introduction to SOAR in Microsoft Sentinel, Creating and working with Automation Rules, Automation with Playbooks, Azure Logic Apps, Customizing Microsoft Sentinel playbooks from templates, Bring Your own Machine Learning platform, Integration with Microsoft 365 Defender and Integration with Microsoft Defender for Cloud
Microsoft Security Copilot enhances threat detection and response by integrating AI-driven insights directly into the SOC workflow. It extends security operations capabilities through seamless integration with the Microsoft Defender suite, improving efficiency and decision-making.
Take this assessment to validate your skills gathered from the self-paced online learning course completed in this course to mark your completion.
Share your feedback with us regarding your experience!
.PNG?lmsauth=cea26e289dc3245402e7e6280fd209f6980e1e6b)
Intermediate
.PNG?lmsauth=22c3c0ffc30363195ff79ea70a9f48bf5aa28e63)
Intermediate
.PNG?lmsauth=5451ff0eb5d6bf4c578e24231d0a8764ddc81cf3)
Advanced
.PNG?lmsauth=db8c8ac3603b66b7f517d2f0eb2f3a55ceb4f354)
Beginner
No. of
Learners - 173
Audio Available in 10 Languages