{"id":40894,"date":"2021-05-15T07:40:16","date_gmt":"2021-05-15T07:40:16","guid":{"rendered":"https:\/\/www.testpreptraining.com\/tutorial\/?page_id=40894"},"modified":"2021-05-15T07:40:18","modified_gmt":"2021-05-15T07:40:18","slug":"sentinel-providing-integrated-threat-protection","status":"publish","type":"page","link":"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/","title":{"rendered":"Sentinel providing integrated threat protection"},"content":{"rendered":"\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-sc-900-microsoft-security-compliance-and-identity-fundamentals\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/strong><\/p>\n\n\n\n<p>In this tutorial, we will learn how Azure Sentinel provides integrated threat protection.<\/p>\n\n\n\n<p>Microsoft Azure Sentinel is a scalable, cloud-native SIEM\/SOAR solution that delivers intelligent security analytics and threat intelligence across the enterprise. 
It provides a single solution for alert detection, threat visibility, proactive hunting, and threat response.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/docs.microsoft.com\/en-us\/learn\/wwl-sci\/describe-security-capabilities-of-azure-sentinel\/media\/3-four-aspects-azure-sentinel.png\" alt=\"Diagram showing the four aspects of Azure Sentinel: collect, detect, investigate, and respond.\"\/><figcaption><strong>Image Source: Microsoft<\/strong><\/figcaption><\/figure><\/div>\n\n\n\n<p>The diagram above shows the end-to-end functionality of Azure Sentinel.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Firstly, <strong>Collecting<\/strong>\u00a0data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.<\/li><li>Secondly, <strong>Detecting<\/strong>\u00a0previous threats and minimizing false positives using analytics and unparalleled threat intelligence.<\/li><li>Then, <strong>Investigating<\/strong>\u00a0threats with AI and hunting suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft.<\/li><li>Lastly, <strong>Responding<\/strong>\u00a0to incidents rapidly with built-in orchestration and automation of common security tasks.<\/li><\/ul>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/www.testpreptraining.ai\/exam-sc-900-microsoft-security-compliance-identity-fundamentals-free-practice-test\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-tests.png\" alt=\"Practice tests Sentinel providing integrated threat protection\"\/><\/a><\/figure><\/div>\n\n\n\n<h4 class=\"wp-block-heading\" id=\"connect-sentinel-to-your-data\"><strong>Connecting Sentinel to your data<\/strong><\/h4>\n\n\n\n<p>Azure Sentinel comes with many connectors for Microsoft solutions, available out of the 
box and providing real-time integration. This includes Microsoft 365 Defender (formerly Microsoft Threat Protection) solutions, and Microsoft 365 sources as well as Office 365, Azure AD, Microsoft Defender for Identity (formerly Azure ATP), Microsoft Cloud App Security, and more.<\/p>\n\n\n\n<p>First, you must have your data ingested into Azure Sentinel, for which you need data connectors. Data connectors cover a wide range of scenarios and sources, including but not limited to:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>syslog<\/li><li>Windows Event Logs<\/li><li>Common Event Format (CEF)<\/li><li>Trusted Automated eXchange of Indicator Information (TAXII), for threat intelligence<\/li><li>Azure<\/li><li>AWS services<\/li><\/ul>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"workbooks\"><strong>Workbooks<\/strong><\/h5>\n\n\n\n<p>After you connect data sources to Azure Sentinel, you can monitor the data using the Azure Sentinel integration with Azure Monitor Workbooks. Here, you&#8217;ll see a canvas for data analysis and the creation of rich visual reports within the Azure portal. Through this integration, Azure Sentinel allows you to create custom workbooks across your data. <\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"analytics\"><strong>Analytics<\/strong><\/h5>\n\n\n\n<p>Using built-in analytics alerts within the Azure Sentinel workspace, you\u2019ll get notified when anything suspicious occurs. There are various types of alerts, some of which you can edit to suit your own needs.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"manage-incidents-in-azure-sentinel\"><strong>Managing incidents in Azure Sentinel<\/strong><\/h5>\n\n\n\n<p>An incident is created when an alert that you&#8217;ve enabled is triggered. You can do standard incident management tasks like changing status or assigning incidents to individuals for investigation in Azure Sentinel. 
It also has investigation functionality.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"security-automation-and-orchestration\"><strong>Security automation and orchestration<\/strong><\/h5>\n\n\n\n<p>You can use Azure Sentinel to automate some of your security operations and make your security operations center (SOC) more productive. Azure Sentinel integrates with Azure Logic Apps, so you can create automated workflows, or playbooks, in response to events. <\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"playbooks\"><strong>Playbooks<\/strong><\/h5>\n\n\n\n<p>A security playbook is a collection of procedures that can help automate and orchestrate your response. It can be run manually or set to run automatically when specific alerts are triggered. Security playbooks in Azure Sentinel are based on Azure Logic Apps. <\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"hunting\"><strong>Hunting<\/strong><\/h5>\n\n\n\n<p>Use Azure Sentinel&#8217;s powerful hunting search-and-query tools, based on the MITRE framework, to hunt proactively for security threats across your organization\u2019s data sources, before an alert is triggered. After you discover which hunting query provides high-value insights into possible attacks, you can also create custom detection rules based on your query, and surface those insights as alerts to your security incident responders.<\/p>\n\n\n\n<h5 class=\"wp-block-heading\" id=\"integrated-threat-protection\"><strong>Integrated threat protection<\/strong><\/h5>\n\n\n\n<p>Threat protection is a continuously evolving battlefront. Cybercriminals look for any vulnerability they can exploit to steal, damage, or extort company data, assets, and resources. 
Microsoft provides a suite of tools that give extended detection and response (XDR) through Microsoft 365 Defender and Azure Defender.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><img decoding=\"async\" src=\"https:\/\/docs.microsoft.com\/en-us\/learn\/wwl-sci\/describe-security-capabilities-of-azure-sentinel\/media\/3-defender-azure-defender.png\" alt=\"Diagram showing Microsoft 365 Defender and Azure Defender.\"\/><figcaption><strong>Image Source: Microsoft<\/strong><\/figcaption><\/figure><\/div>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter\"><a href=\"https:\/\/www.testpreptraining.ai\/exam-sc-900-microsoft-security-compliance-identity-fundamentals-practice-exam\" target=\"_blank\" rel=\"noopener\"><img decoding=\"async\" src=\"https:\/\/www.testpreptraining.ai\/tutorial\/wp-content\/uploads\/2021\/05\/sc-900-course.png\" alt=\"sc-900 online course\"\/><\/a><\/figure><\/div>\n\n\n\n<p><strong>Reference:<\/strong> <a href=\"https:\/\/docs.microsoft.com\/en-us\/learn\/modules\/describe-security-capabilities-of-azure-sentinel\/3-describe-sentinel-provide-integrated-threat-protection\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Documentation<\/a><\/p>\n\n\n\n<p><strong><a href=\"https:\/\/www.testpreptraining.ai\/tutorial\/exam-sc-900-microsoft-security-compliance-and-identity-fundamentals\/\" target=\"_blank\" rel=\"noreferrer noopener\">Go back to Tutorial<\/a><\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Go back to Tutorial In this tutorial, we will learn about the Sentinel providing integrated threat protection. Microsoft Azure Sentinel is a scalable, cloud-native SIEM\/SOAR solution that delivers intelligent security analytics and threat intelligence across the enterprise. Moreover, it provides a single solution for alert detection, threat visibility, proactive hunting, and threat response. 
Above diagram&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"categories":[],"tags":[],"class_list":["post-40894","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Sentinel providing integrated threat protection - Testprep Training Tutorials<\/title>\n<meta name=\"description\" content=\"Upgrade your knowledge by understanding the Sentinel providing integrated threat protection. Prepare and pass the Microsoft SC-900 Exam Now!\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Sentinel providing integrated threat protection - Testprep Training Tutorials\" \/>\n<meta property=\"og:description\" content=\"Upgrade your knowledge by understanding the Sentinel providing integrated threat protection. Prepare and pass the Microsoft SC-900 Exam Now!\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/\" \/>\n<meta property=\"og:site_name\" content=\"Testprep Training Tutorials\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-15T07:40:18+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/docs.microsoft.com\/en-us\/learn\/wwl-sci\/describe-security-capabilities-of-azure-sentinel\/media\/3-four-aspects-azure-sentinel.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/\",\"name\":\"Sentinel providing integrated threat protection - Testprep Training Tutorials\",\"isPartOf\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\"},\"datePublished\":\"2021-05-15T07:40:16+00:00\",\"dateModified\":\"2021-05-15T07:40:18+00:00\",\"description\":\"Upgrade your knowledge by understanding the Sentinel providing integrated threat protection. Prepare and pass the Microsoft SC-900 Exam Now!\",\"breadcrumb\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Sentinel providing integrated threat protection\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#website\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"name\":\"Testprep Training 
Tutorials\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#organization\",\"name\":\"Testprep Training\",\"url\":\"https:\/\/www.testpreptraining.ai\/tutorial\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"contentUrl\":\"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png\",\"width\":583,\"height\":153,\"caption\":\"Testprep Training\"},\"image\":{\"@id\":\"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Sentinel providing integrated threat protection - Testprep Training Tutorials","description":"Upgrade your knowledge by understanding the Sentinel providing integrated threat protection. Prepare and pass the Microsoft SC-900 Exam Now!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/","og_locale":"en_US","og_type":"article","og_title":"Sentinel providing integrated threat protection - Testprep Training Tutorials","og_description":"Upgrade your knowledge by understanding the Sentinel providing integrated threat protection. 
Prepare and pass the Microsoft SC-900 Exam Now!","og_url":"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/","og_site_name":"Testprep Training Tutorials","article_modified_time":"2021-05-15T07:40:18+00:00","og_image":[{"url":"https:\/\/docs.microsoft.com\/en-us\/learn\/wwl-sci\/describe-security-capabilities-of-azure-sentinel\/media\/3-four-aspects-azure-sentinel.png"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/","url":"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/","name":"Sentinel providing integrated threat protection - Testprep Training Tutorials","isPartOf":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website"},"datePublished":"2021-05-15T07:40:16+00:00","dateModified":"2021-05-15T07:40:18+00:00","description":"Upgrade your knowledge by understanding the Sentinel providing integrated threat protection. 
Prepare and pass the Microsoft SC-900 Exam Now!","breadcrumb":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/sentinel-providing-integrated-threat-protection\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.testpreptraining.ai\/tutorial\/"},{"@type":"ListItem","position":2,"name":"Sentinel providing integrated threat protection"}]},{"@type":"WebSite","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#website","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","name":"Testprep Training Tutorials","description":"","publisher":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.testpreptraining.ai\/tutorial\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#organization","name":"Testprep Training","url":"https:\/\/www.testpreptraining.ai\/tutorial\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/","url":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","contentUrl":"https:\/\/www.testpreptraining.com\/tutorial\/wp-content\/uploads\/2020\/07\/tpt-logo-6.png","width":583,"height":153,"caption":"Testprep 
Training"},"image":{"@id":"https:\/\/www.testpreptraining.ai\/tutorial\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40894","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/comments?post=40894"}],"version-history":[{"count":5,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40894\/revisions"}],"predecessor-version":[{"id":40938,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/pages\/40894\/revisions\/40938"}],"wp:attachment":[{"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/media?parent=40894"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/categories?post=40894"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.testpreptraining.ai\/tutorial\/wp-json\/wp\/v2\/tags?post=40894"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}