Azure Sentinel use cases

Hey guys, my SecOps team has an item in their current sprint for developing a use case for detecting an active attacker. Does anyone have any good links to share that I can forward to them?
Thanks in advance!
Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
2022 goal(s): CRISC, AWS Certified Cloud Practitioner
"You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
Comments
https://techcommunity.microsoft.com/t5/azure-sentinel/become-an-azure-sentinel-ninja-the-complete-level-400-training/ba-p/1246310
2023 Cert Goals: SC-100, eCPTX