Microsoft Sentinel in Action : Architect, Design, Implement, and Operate Microsoft Sentinel As the Core of Your Security Solutions
Microsoft Sentinel in Action : Architect, Design, Implement, and Operate Microsoft Sentinel As the Core of Your Security Solutions
Click to enlarge
Author(s): Diver, Richard
ISBN No.: 9781801815536
Pages: 478
Year: 202202
Format: Trade Paper
Price: $ 67.61
Dispatch delay: Dispatched between 7 to 15 days
Status: Available

Learn how to set up, configure, and use Microsoft Sentinel to provide security incident and event management services for your multi-cloud environment Key Features: Collect, normalize, and analyze security information from multiple data sources Integrate AI, machine learning, built-in and custom threat analyses, and automation to build optimal security solutions Detect and investigate possible security breaches to tackle complex and advanced cyber threats Book Description: Microsoft Sentinel is a security information and event management (SIEM) tool developed by Microsoft that helps you to integrate cloud security and artificial intelligence (AI). This book will enable you to implement Microsoft Sentinel and understand how it can help detect security incidents in your environment with integrated AI, threat analysis, and built-in and community-driven logic. The book begins by introducing you to Microsoft Sentinel and Log Analytics. You'll then get to grips with data collection and management, before learning how to create effective Microsoft Sentinel queries to detect anomalous behaviors and activity patterns. Moving ahead, you'll learn about useful features such as entity behavior analytics and Microsoft Sentinel playbooks along with exploring the new bi-directional connector for ServiceNow. As you progress, you'll find out how to develop solutions that automate responses needed to handle security incidents. Finally, you'll grasp the latest developments in security, discover techniques to enhance your cloud security architecture, and explore how you can contribute to the security community. By the end of this Microsoft Sentinel book, you'll have learned how to implement Microsoft Sentinel to fit your needs and be able to protect your environment from cyber threats and other security issues.


What You Will Learn: Implement Log Analytics and enable Microsoft Sentinel and data ingestion from multiple sources Get to grips with coding using the Kusto Query Language (KQL) Discover how to carry out threat hunting activities in Microsoft Sentinel Connect Microsoft Sentinel to ServiceNow for automated ticketing Find out how to detect threats and create automated responses for immediate resolution Use triggers and actions with Microsoft Sentinel playbooks to perform automations Who this book is for: If you are an IT professional with prior experience in other Microsoft security products and Azure and are now looking to expand your knowledge to incorporate Microsoft Sentinel, then this book is for you. Security experts using an alternative SIEM tool who want to adopt Microsoft Sentinel as an additional service or as a replacement will also find this book useful.


To be able to view the table of contents for this publication then please subscribe by clicking the button below...
To be able to view the full description for this publication then please subscribe by clicking the button below...