Category: SC-200

12th section starting with more Sentinel. This time we are classifying entities, creating a custom log in Log Analytics and parsing the content. So let’s do some designs and configurations. Classify and analyze data by using entities You can do the…

11th section starting with more and more Sentinel. Already in this series we saw how the different pieces are connected and help your SOC teams to proactively work on threats. So let’s do some designs and configurations. Design and…

And in this 10th section on my SC-200 study guide we will go through the following topics. Identify data sources to be ingested for Microsoft Sentinel On August 31, 2024, the Log Analytics agent is deprecated. You should begin preparing…

We are already at the 9th section on my study guide and this time we will start with Sentinel. First I want to point out the Ninja training that Ofer Shezaf and his team have made for you. It was updated…
And this is the second part of the 8th section on my study guide and today we are looking at recommendations and the alerts and incidents it will create. Again my apologies to all that had to wait as I cut…
Already in the 8th section on my study guide and today we are looking at alerts, automation workflows and remediations. And because this is a huge section to cover, I will cut it in two different posts, my apologies for the…

Continuing the journey with Defender for Cloud. This time we will see data sources, how to onboard Azure resources and Azure Arc integration. With the exponential rise of cloud services, companies now place a high priority on protecting cloud workloads….
Then we go to Defender for Cloud, starting with the planning part. Let’s get going! Be sure to check the previous chapters, you will need that information to understand the journey that we are on. Plan and configure Microsoft…
Today we will be discovering XDR with Microsoft 365 Defender. It will be a central hub for many different scenarios. Although you will have interfaces inside the Azure portal for Sentinel and Defender for Cloud, you can get those signals…

Identity protection is challenging if you don’t know what you should protect, and when you do, you should know how to protect it. In the second part we will be discovering more on Conditional Access as a dynamic boundary in…