Microsoft Sentinel is your bird's-eye view across the enterprise, alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames. In this training you will learn how to deploy and connect this SIEM and SOAR solution to different data sources. You will learn how to use intelligent security analytics and threat intelligence capabilities for attack detection, threat visibility, proactive hunting, and threat response.
Target Audience - Project Ready
Suggested Certification - No
Hands-on Labs - Yes
ESI course code -
Duration - 7 hours
Level - Intermediate
Introduction to Threat Intelligence in Microsoft Sentinel
Working with threat indicators
Using Workbooks to investigate threats
Watchlists overview
Introduction to User and Entity Behavior Analytics (UEBA)
Enable User and Entity Behavior Analytics (UEBA)
Investigating with UEBA
Microsoft Sentinel Deployment
Enabling Data Connectors in Microsoft Sentinel
Threat Intelligence connector and Content hub
UEBA with Microsoft Sentinel
Introduction to SOAR in Microsoft Sentinel
Automation with Playbooks and Azure Logic Apps
Customizing Microsoft Sentinel playbooks from templates
Bring Your Own Machine Learning platform
Integration with Microsoft Defender XDR
Integration with Microsoft Defender for Cloud
Access Control and migration
Microsoft Security Copilot
Extend SOC capability with Defender suite
Analytics Rules and Incident Management
Hunting queries and Watchlists
Exploring Microsoft Sentinel Advanced Features
Repositories in Microsoft Sentinel