Deploying Your First Microsoft Sentinel Workspace on Azure

Microsoft Sentinel is a powerful, cloud-native SIEM (Security Information and Event Management) and SOAR (Security Orchestration, Automation, and Response) solution that helps organizations monitor, detect, and respond to security threats in real time. This lab introduces you to Microsoft Sentinel by walking you through the creation of your first Sentinel workspace and connecting it to a Log Analytics workspace. These foundational steps prepare your environment for advanced security monitoring and analytics.

Objectives

Upon completion of this lab, you will be able to:

• Understand the purpose and architecture of Microsoft Sentinel.
• Create and configure a Sentinel workspace in the Azure portal.
• Connect Sentinel to a Log Analytics workspace for data ingestion.
• Prepare your Sentinel workspace for connecting data sources and creating detection rules.

Who is this Lab For?

This lab is ideal for:

• Beginners who are new to Microsoft Sentinel and want to understand its setup and configuration.
• Security professionals looking to explore Microsoft Sentinel as part of their organization's security operations.
• Developers and IT administrators seeking to enhance their skills in cloud security monitoring.