Build next-generation security operations with cloud and AI.
Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across an enterprise—fast. Azure Sentinel aggregates data from all sources including users, applications, servers, and devices running on-premises or in the cloud, letting you reason over millions of records in a few seconds. It includes built-in connectors for easy onboarding of popular security solutions. Azure Sentinel collects data from any source with support for open standard formats like CEF and Syslog.
About the Sessions
Azure Sentinel Foundations
What Azure Sentinel is, and its basics. How your data is connected. The traditional SIEM market and its problems.
Security Orchestration, Automation, and Response
How to leverage in-box tooling for Azure Sentinel to help support your Security Orchestration, Automation, and Response (SOAR) initiatives. Leveraging Azure Logic Apps to help reduce your mean time-to-resolution and automate repeatable tasks. Allow your SOC to focus on what matters.
Advanced Hunting and Workbooks/Dashboards
How to use the immense amount of data at your fingertips using Azure Sentinel. We’ll review how you can use Kusto queries to combine, sort, and visualize data. We’ll review how to leverage this data to see live events as they unfold and view them with dynamic dashboards and reports.
Meet the Host
PARTNER, ASSOCIATE DIRECTOR | INFRASTRUCTURE AND SECURITY
Rich has been working in IT consulting for about 17 years in various positions and roles. He has led numerous implementations of the Microsoft System Center line of products and has deployed Hyper-V and VMware virtualization solutions for private cloud solutions. In addition to developing private cloud solutions for clients, he also focuses heavily on hybrid and public cloud deployments, specifically strategy and execution around Windows Azure.
Rich has presented at various Windows User Group meetings and regularly leads Microsoft ADS/envisioning sessions at various MTC locations throughout the US. He acts as an extension of the Microsoft Technology Solutions Professional teams from the EPG, CAM, and CTM space.