Azure Sentinel use cases

Hey guys, my SecOps team has an item in their current sprint for developing a use case for detecting an active attacker. Does anyone have any good links to share that I can forward to them?
Thanks in advance!
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, and more.
2021 goals: AZ-303, AZ-304, maybe TOGAF and more ISACA
"You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
Comments
chrisone (Senior Member, Posts: 2,207)
The following is a good resource for Sentinel training.
https://techcommunity.microsoft.com/t5/azure-sentinel/become-an-azure-sentinel-ninja-the-complete-level-400-training/ba-p/1246310
Certs: CISSP, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
2021 Goals
Courses: eLearnSecurity - PTXv2 (complete), SANS 699: Purple Team Tactics (completed), PentesterLabs Pro (ongoing)
Certs: eCPTXv2, AZ-500, SC-200 (fail 1st attempt), EnCE, Splunk Core Power User