Listen "Microsoft Sentinel with Sarah Young"
Episode Synopsis
Are you using Microsoft Sentinel? Richard talks to Cloud Security Advocate Sarah Young about Sentinel, Microsoft's Security Information and Event Management (SIEM) solution. Sarah talks about the role of the SIEM in creating a common place for all security-related data to arrive. She mentions some of the many tools in the Microsoft suite that feed into Sentinel - Defender for Endpoints, Identity, and Cloud as examples. Specialized analysis tools send summaries to Sentinel, but Sentinel can also process raw logs - make sure you need the data, because billing for Sentinel is connected to the number of ingress sources. There's a lot to learn, but also a lot of great documentation and information to work from. Check the show notes for links!

Links:
- Microsoft Sentinel
- ArcSight
- Defender Security Alerts
- Defender for Endpoint
- Defender for Identity
- Microsoft Digital Defense Report 2022
- Defender for Cloud
- What is CSPM?
- Security Baselines Blog
- Microsoft Security Copilot

Recorded April 6, 2023