Summary
The Contoso SecOps team recently encountered issues when users with compromised accounts tried to access Contoso's customer data. Microsoft Sentinel provides several monitoring and reporting features that help alert Contoso about potential security threats.
Microsoft Sentinel workbooks provide interactive reports with graphs, charts, and tables, and security administrators can use these features to visualize their security data by using advanced filtering. The SecOps team can use these techniques to gain more insights into their data during their investigations.
Learn more
You can learn more by reviewing the following documents.
Getting started
- Microsoft Sentinel documentation
- Quickstart: On-board Microsoft Sentinel
- Microsoft Sentinel pricing
- Permissions in Microsoft Sentinel
- Tutorial: Visualize and monitor your data
- Quickstart: Get started with Microsoft Sentinel
- What is Azure Lighthouse?
- Extend Microsoft Sentinel across workspaces and tenants
- What is Azure Resource Manager?
- Azure Foundation 4-Week Implementation