Microsoft Sentinel Advanced Course Secure Azure Like a Pro

Microsoft Sentinel as Code | Automatically Deploy Content to Azure | Build Repository | Learn ARM and Cost Optimization
File size: 4.22 GB
Total length: 2h 50m



Pavel Hrabec







What you’ll learn

Gain an understanding of Microsoft Sentinel Automation
Learn how to automate Microsoft Sentinel using ARM
Deploy SIEM using Infrastructure as Code
Integrate Azure DevOps and GitHub with Microsoft Sentinel
Configure a repository for Microsoft Sentinel
Deploy ARM templates from repositories
Generate ARM templates
Master Microsoft Sentinel pricing
Set up and optimize data connectors
Implement optimization strategies
Optimize data collection rules
Perform KQL Transformation
Perform cross-resource queries in Microsoft Sentinel



Microsoft Sentinel Basics


Elevate your cloud security expertise to new heights as you seamlessly integrate Microsoft Sentinel into your Azure-based workflows with GitHub. Harness essential tools like ARM, Bicep, Terraform, PowerShell and APIs, and automate the deployment process for security operations in Azure. Through hands-on experiences, you'll become adept at deploying critical components such as analytics rules, workbooks, playbooks and many more Microsoft Sentinel artifacts. Everything is managed from a centralized repository through the efficiency of a CI/CD pipeline, optimizing your cloud security strategy while streamlining operations.

Once you grasp the foundations of automation, you'll dive deeper into the heart of Azure infrastructure management with ARM templates. You will master the art of infrastructure as code for Microsoft Sentinel, ensuring that your cloud environment is not only secure but also highly efficient.

You'll also gain valuable insights into cost optimization strategies, ensuring that you can effectively secure your cloud environment while maximizing cost savings in Azure Cloud.

In essence, this course serves as your gateway to becoming a proficient cloud security architect within the Azure cloud ecosystem. It seamlessly combines essential integration skills, practical deployment experiences, automation mastery, infrastructure management, log analysis, and cost optimization into a comprehensive learning journey.

You will work with tools, concepts and technologies such as CI/CD Pipeline, Infrastructure as Code, Azure DevOps, GitHub, ARM, Bicep, Terraform, PowerShell, KQL, Basics Logs Search, KQL Transformation, Data Ingestion, Cross resource query, Azure Data Explorer and many more.

Don't let this opportunity pass you by. Elevate your expertise in Azure cloud security today and position yourself as a valuable asset in the ever-evolving landscape of cloud computing.


Section 1: Automate Microsoft Sentinel Integration with Code

Lecture 1 Introduction to Microsoft Sentinel Automation

Lecture 2 Automating Sentinel with ARM, Bicep, Terraform, Powershell and API

Lecture 3 Demo: Infrastructure as Code in Seamless SIEM Deployment

Lecture 4 Unveiling the Magic of Deployment Scripts in Microsoft Sentinel

Lecture 5 Demo: Fine-Tuning Microsoft Sentinel after ARM Deployment

Lecture 6 SIEM Deployment with Terraform and Bicep

Lecture 7 Effortless ARM Template Installation with Repositories

Lecture 8 Demo: Setting Up Azure DevOps Organization for Microsoft Sentinel

Lecture 9 Demo: Integrating Azure DevOps with Microsoft Sentinel

Lecture 10 Azure DevOps Parallelism Challenges in Microsoft Sentinel

Lecture 11 Demo: Setting up Repository in GitHub for Microsoft Sentinel

Lecture 12 Demo: Integrating GitHub with Microsoft Sentinel

Section 2: Advanced Infrastructure as Code with Microsoft Sentinel

Lecture 13 Introduction to Mastering GitHub Repository for Security

Lecture 14 Demo: Deploying Microsoft Sentinel Analytics Rule from Repository

Lecture 15 Demo: Verifying Content Status in Microsoft Sentinel

Lecture 16 Demo: Fixing Pipeline Errors in Microsoft Sentinel Upload Process

Lecture 17 Tracking ARM Template Changes in Repository

Lecture 18 Demo: Configuring Local Repository for Microsoft Sentinel

Lecture 19 Demo: Deploying Microsoft Sentinel Playbook from Computer to the Cloud

Lecture 20 Demo: Deploying ARM templates from Repository

Lecture 21 Validating ARM Deployment in Azure Portal

Lecture 22 Demo: How to Deploy Unsupported Artifact to Azure

Lecture 23 Understanding Microsoft Sentinel Artifact Order

Lecture 24 Demo: Optimizing Microsoft Sentinel as Code Deployment

Lecture 25 Conclusion of Infrastructure as Code with Microsoft Sentinel

Section 3: Mastering ARM Templates

Lecture 26 Introduction

Lecture 27 ARM Templates Structure and Components

Lecture 28 ARM Templates Formatting and Parameters

Lecture 29 Demo: Generate ARM Template for Analytics Rule

Lecture 30 Demo: Generate ARM Template for Workbook

Lecture 31 Demo: Generate ARM Template for Playbook with Script

Lecture 32 Demo: Generate ARM Template for Automation Rule

Lecture 33 Demo: Generate ARM Template for Automation Rule with Script

Lecture 34 Demo: Generate ARM Template for Parser, Hunting Query and Watchlist

Lecture 35 ARM Template Resource Hub

Section 4: Lower Cost in Azure for Security Operations

Lecture 36 Introduction to Cost Optimization

Lecture 37 Mastering Microsoft Sentinel Pricing

Lecture 38 Exceptions to Microsoft Sentinel Pricing

Lecture 39 Demo: Microsoft Sentinel Pricing Calculator

Lecture 40 Demo: Data Connector Management

Lecture 41 Demo: Setting Up Data Connectors

Lecture 42 Simplify Cost Tracking for Microsoft Sentinel

Lecture 43 Demo: Optimization Strategies for Significant Cost Savings

Lecture 44 Understanding Basics Logs

Lecture 45 Demo: Setting up Basics Logs in Microsoft Sentinel

Lecture 46 Demo: Maximizing Basics Logs Search

Lecture 47 Demo: Optimizing Data Collection Rules

Lecture 48 Demo: KQL Transformation for Windows Events

Lecture 49 Exploring Azure Data Explorer

Lecture 50 Demo: Ingesting Logs into Azure Data Explorer from Azure Storage

Lecture 51 Cross Resource Query in Microsoft Sentinel

Lecture 52 Conclusion

Lecture 53 BONUS LECTURE: More of Microsoft Sentinel

Security Professionals looking to enhance their skills in automating Microsoft Sentinel
Azure Administrators and Cloud Engineers interested in optimizing security operations
IT and Security Managers seeking to streamline SIEM deployment and cost-effectiveness
DevOps Engineers wanting to integrate security practices into their DevOps pipelines
Cybersecurity Analysts aiming to improve incident response using Microsoft Sentinel
System Administrators interested in mastering Infrastructure as Code (IaC) techniques
Security Architects seeking to design secure and cost-efficient Azure environments
Students and Enthusiasts eager to build expertise in Microsoft Sentinel and ARM templates
Anyone interested in improving their knowledge of Microsoft Azure security operations

Course Information:

Udemy | English | 2h 50m | 4.22 GB
Created by: Pavel Hrabec
