Chapter 10: Using Azure Sentinel to Monitor Microsoft 365 Security

Azure Sentinel is a cloud-based security information and event management (SIEM) tool that uses artificial intelligence technology to analyze vast quantities of data, both from within Microsoft 365 and from external sources. Azure Sentinel allows you to gather data, detect potential threats, and then investigate and respond to those threats. In this chapter, we will show you how to plan and configure your Azure Sentinel instance, explain how to use Azure Sentinel playbooks, and finally show you how to monitor and manage Azure Sentinel on an ongoing basis.

After reading this chapter, you will be able to access and enable Azure Sentinel in the Azure portal, set up a Log ...
