Azure Sentinel for PowerShell Scripters
Details
Our March meeting will be our first virtual meeting! Join us to hear about Azure Sentinel from Josh King:
Azure Sentinel is Microsoft's new cloud-based, machine-learning-enabled Security Information and Event Management (SIEM) service. You don't have to work in a SOC to make use of this new tool, however.
Let's take a look from a high level at what Azure Sentinel is, and then pivot to see how PowerShell scripters can make use of it for their own use cases. First, we'll see how we can send arbitrary data through to the service. Then, we'll take that a step further and look at how we can log our own PowerShell activity.
Finally, we'll wrap up by looking at what our options are for taking action on the data we're sending to Azure Sentinel.
Josh King is a Microsoft Cloud and Datacenter Management MVP and an MSOC Systems Administrator at Tribe in Hawke’s Bay, New Zealand. The bulk of his time is spent in Windows and VMware environments. Josh has a passion for PowerShell and automation.
--------------------------------------------------
Zoom meeting information:
Meeting ID: 195 774 459
Topic: Azure Sentinel for PowerShell Scripters
Time: Mar 11, 2020 06:00 PM Eastern Time (US and Canada)
Join Zoom Meeting Link
https://igymarinas.zoom.us/j/195774459
One tap mobile
US: 19294362866,,195774459#
Dial by your location
US: 1 929 436 2866
