Chapter 14: Operational Tasks for Microsoft Sentinel

As with any service or solution, an ongoing maintenance routine is a critical process to ensure timely service improvements, maintain operational efficiency, control costs, and—most importantly—ensure the service remains highly effective in detecting and responding to security issues.

In general, Security Operations Center (SOC) operations are performed by two distinct roles: SOC engineers and SOC analysts. In a small organization, this may be a single person carrying out both roles; in larger organizations, these roles will span many teams and will be carried out by dedicated professionals. In this chapter, we will provide details of the daily, weekly, and monthly tasks required for each ...

Get Microsoft Sentinel in Action - Second Edition now with the O’Reilly learning platform.