Chapter 11: Describing the Security Capabilities of Microsoft Sentinel

The previous chapter covered how to manage the protection of Microsoft 365 resources through the Extended Detection and Response (XDR) capabilities of Microsoft 365 Defender. In this chapter, we will describe the security capabilities of Microsoft Sentinel for SIEM and SOAR, and the creation of a modern Security Operations Center (SOC).

In this chapter, we're going to cover the following main topics:

  • Describing the concepts of SIEM, SOAR, and XDR.
  • Describing how Microsoft Sentinel provides integrated threat management.
  • Describing Microsoft Sentinel in a modern SOC.

Technical requirements

In this chapter, we continue to explore configuring a tenant for use of solutions ...

Get Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900 now with the O’Reilly learning platform.