Optimizing your Azure Sentinel Platform

Presented by

Javier Soriano, Senior Program Manager, Azure Sentinel at Microsoft & Saggie Haim (CyberProof)

About this talk

Many organizations with investments in Azure are naturally looking to integrate Azure Sentinel and customize it for their unique needs. But those with complex, hybrid environments, or with large volumes of data and legacy technology stacks, find it difficult to focus more of their time on enabling Azure Sentinel's advanced capabilities for more proactive, measurable threat management. In this session, Saggie Haim will be joined by Microsoft's Azure Sentinel expert, Javier Soriano, to show you what you can be doing now to further your cloud-native threat detection and response maturity.

In this workshop, you'll learn how to:

- Adopt an agile process for threat hunting with KQL query tricks
- Create KPI-driven reports you never thought you could have
- Optimize log ingestion and retention process and costs
- Enrich and correlate events with Watchlists
- Enable faster deployments and configurations with a CI/CD model

CyberProof is a security services company that intelligently manages your incident detection and response. Our solution provides complete transparency and dramatically reduces the cost and time needed to respond to security threats and minimize business impact. SeeMo, our virtual analyst, together with our experts and your team, automates and accelerates cyber operations by learning and adapting from endless sources of data and responds to requests by providing context and actionable information. This allows our nation-state cyber experts to prioritize the most urgent incidents and proactively identify and respond to potential threats. We collaborate with our global clients, academia and the technology ecosystem to continuously advance the art of cyber defense.