1. Getting started with Azure Sentinel
(Cloud Native SIEM)
SAMIK ROY
Bangalore, India.
@roy_samik
linkedin.com/in/roysamik
https://github.com/samikroy
Samik.n.roy@gmail.com
🐱👤 ➡️ 🛡🛡 @ Open Systems | Community 🔈
October 2nd, 2021
Microsoft 365, Power Platform & Cloud Security UG-India
5. Why Azure Sentinel 🤔
• It is a new-era SIEM that gives the security team a full cycle of:
• Data collection
• Anomaly / Threat Detection
• Investigate / Hunting
• Respond & Remediate
• And the tool is laid out in sections as:
• General
• Threat Management
• Configuration
• Now, let's have a look at the portal.
10. What Next 🤔
• Set up Azure Sentinel for your tenant on your own:
• https://www.youtube.com/watch?v=Cyd16wVwxZc
• Plan for long term data storage:
• https://www.linkedin.com/pulse/howto-configure-azure-sentinel-data-export-long-term-storage-lauren/
• Resources
• KQL Cheat Sheet
• https://techcommunity.microsoft.com/t5/azure-data-explorer/azure-data-explorer-kql-cheat-sheets/ba-p/1057404
• Community
• https://github.com/Azure/Azure-Sentinel