Who is this book for?

Azure Sentinel is for anyone interested in security operations in general: cybersecurity analysts, security administrators, threat hunters, support professionals, and engineers.

Azure Sentinel is designed to be useful for Azure and non-Azure users. You can have no security experience, some experience, or be a security expert and will get value from Azure Sentinel. This book provides introductory, intermediate, and advanced coverage on a large swath of security issues that are addressed by Azure Sentinel.

The approach is a unique mix of didactic, narrative, and experiential instruction. Didactic covers the core introductions to the services. The narrative leverages what you already understand, and we bridge your current understanding with new concepts introduced in the book.

Finally, the experience component is presented in two ways— we share our experiences with Azure Sentinel and how to get the most out of it by showing in a stepwise, guided fashion how to configure Azure Sentinel to gain all the benefits it has to offer.

In this book you will learn:

• How to connect different data sources to Azure Sentinel

• How to create security analytics

• How to investigate a security incident in Azure Sentinel

• System requirements

• Anyone with access to a Microsoft Azure subscription can use the information in this book.