3

Security Monitoring Using Microsoft Sentinel and Defender

In the previous chapter, we took a closer look at some of the fundamental parts of building a secure foundation related to networking, identity, vulnerability, and patch management, as well as the basics of security monitoring.

Now, we will focus on how we can set up security monitoring within our environment, regardless of whether it is running on-premises or in the public cloud. We will be using Microsoft Sentinel, Microsoft Defender for Endpoint, as well as Microsoft Defender for Servers, which are useful tools to have in our toolbox to detect abnormal activities within our environment. We will take a closer look at how the services work and how we can use them, before taking ...

Get Windows Ransomware Detection and Protection now with the O’Reilly learning platform.