Using Microsoft Sentinel to Monitor Microsoft 365 Security

Microsoft Sentinel is a cloud-based security information and event management (SIEM) tool that enables the analysis of vast quantities of data both within Microsoft 365 and from external sources using artificial intelligence. Microsoft Sentinel allows you to gather data and detect potential threats, and then investigate and respond to those threats.

In this chapter, you will learn how to plan and implement Microsoft Sentinel in your organization, understand and configure playbooks, manage and monitor signals across Microsoft 365 and other sources using Microsoft Sentinel, and respond to threats. You will also be able to access and enable Microsoft Sentinel in the Azure portal, set ...

Get Microsoft 365 Security, Compliance, and Identity Administration now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.