Real world business tracks leading towards Azure Services
Join me for the final article in the min-series on Enhancing Microsoft Sentinel. Today, we review ongoing optimizations and how to stay ahead of emerging threats.
Join me for Part 2 of 3 where we review advanced customizations in Microsoft Sentinel. We review some of the steps to advance your threat hunting and better protect your environment.
Join me for Part 1 of 3 where we review Building a Stronger Foundation in Microsoft Sentinel. We review the steps to help review and build a stronger SIEM solution together.
Today we explore additional cost management options to use as part of your ongoing governance in Microsoft Sentinel. Let’s dive into the world of Log Analytics Workspace configurations together!
Let’s talk about Microsoft Sentinel and managing costs. With cost being foundational pillar of Microsoft’s Well Architected Framework, part of good governance, and a major driver for product selection of SIEMs; let’s see if we can take some of mystery out of how to get started with managing costs in our favourite SIEM solution!
A common challenge that security teams face is simply not knowing where all the artifacts can be found during an investigation. Microsoft Defender tools are capable of collecting a lot of data, and that can create questions during investigations of where is all this data and how do I find it quickly? Join me for a tour of the basics of Defender data retention periods and where to find that data.
Log Analytics workspaces provide a special way to store log data from multiple sources such as Microsoft Defender for Cloud, Azure Monitor, and so much more. A workspace typically combines data from multiple services and likely has it’s own distinct configuration for retention. I get a lot of questions about what the differences between workspaces within the Log Analytics scope are and why we would use them. Let’s take a look today at some of the information around Microsoft Azure Log Analytics Workspaces.
