Azure Sentinel - A first look at Microsoft's SIEM Solution

Presented at DerbyCon 9.0 Finish Line (2019), Sept. 6, 2019, 2 p.m. (45 minutes)

A fun walk-through of what's great and what's not-so great about the brand new Azure Sentinel SIEM.This will be based on my real-world experience deploying this solution into my organization's hybrid-cloud infrastructure. I'll show you what it was like to set up data collection, security alerts, and automation. What did Microsoft get right and what did they get wrong?Let's talk about it.

Presenters:

• Carl Hertz
  Carl Hertz is Director of Information Technology at Elevate Energy, a non-profit dedicated to bringing the benefits of the Green Economy to everyone. He has been an IT professional for 30 years, a security professional for 15, a hiring manager for 20 years, a project manager for 10 years, and a goofball for all of his life. You can follow his posts about tech, security, music, cycling, astronomy, feminism, parenthood, depression, and all the lulz at @cillic on Twitter.

Links:

• https://infocon.org/cons/DerbyCon/DerbyCon 9 2019/Azure Sentinel A first look at Microsofts SIEM Solution Carl Hertz.mp4
• https://infocon.org/cons/DerbyCon/DerbyCon 9 2019/Azure Sentinel A first look at Microsofts SIEM Solution Carl Hertz.eng.srt (subtitles)
• https://www.youtube.com/watch?v=hejkFDTdLRs

Similar Presentations:

• ShmooCon XIV (2018) / This Is Not Your Grandfather's SIEM
• TROOPERS18 (2018) / All Your Cloud Are Belong To Us - Hunting Compromise in Azure
• Wild West Hackin' Fest 2019 / Microsoft Azure: Dark Clouds and Weaponized Skies