OPS103: Securing your Hybrid environment – Part 2 – Azure Sentinel

This post has been republished via RSS; it originally appeared at: ITOps Talk Blog articles.

Anthony sits down with Sarah Young, Sr. Program Manager for all things security related, to discuss the use of Azure Sentinel in a hybrid environment. The pair discuss how log analytics data is ingested, reviewed and reported on, and how attacks are remediated with data coming from both on-premises and cloud environments.

 

Speaker:

Sarah Young, Senior Program Manager, Azure Security

 

 

This session includes:

0:00 Introduction
0:24 Does Azure Sentinel only protect cloud environments?
5:36 Data Connectors demo
7:04 Common Event Format (CEF) demo
8:44 Syslog walkthrough
9:21 Security Events walkthrough
13:50 Does sending on-prem data up to the SIEM invoke latency?
16:30 GitHub repo and outside submissions of security templates
22:00 Log Analytics workspaces demo
23:51 Sentinel Reporting demo
25:49 Analytics rule wizard demo
34:00 Analytics data source filtering demo
35:09 Sentinel Incidents and Investigations demo
39:37 Logic Apps and Automation demo
49:28 Sentinel and On-premises Active Directory protection
51:40 Wrap Up

 

Community chat

Want to chat about this session? Come join us on Discord! https://aka.ms/ops103-chat

 

Learn More

Learn More About Azure Security Center: https://aka.ms/ops103-learnmore 
Azure Sentinel Documentation: https://aka.ms/ops103-docs 
Azure Sentinel Learn modules: https://aka.ms/ops103-learn 
Azure Sentinel Ninja Training: https://aka.ms/ops103-ninja 
Azure Sentinel Tech Community: https://aka.ms/ops103-techcom 
Azure Sentinel GitHub Repo: https://aka.ms/ops103-github 

 

What did you think? Please take a moment to submit your feedback at https://aka.ms/ops103-feedback 

To watch more sessions from the IT Ops Talks: All Things Hybrid event check out https://aka.ms/ITOpsTalks

 

 
