
Security and AI with Azure Sentinel

Hosted By
Richard C.

Details

In this fast-paced, demo-heavy set of talks we'll be looking at how Microsoft's new SIEM, Azure Sentinel, can be used to gain insight into your data: configuring every appliance and source to feed it, discovering threats, and generating alerts across your Azure estate.

Talk 1: Building a SIEM from scratch by Richard Conway. In this talk we'll look at what a SIEM is, how to configure Sentinel, and how to read from several sources including syslog and CEF. We'll also take a 360-degree look at how this integrates with Windows Defender ATP, Microsoft's new threat protection service. Expect fast-paced demos, definitions and software integrations.

Talk 2: Advanced Analysis with Sentinel by Darshna Shah. In this talk Darsh will look at how Sentinel can be used for advanced analysis of streams of data through enrichment, joining and wrangling of sources with Python playbooks in Jupyter notebooks: a true picture of security AI. Expect demos and cool illustrations of what you can do with anomaly detection and machine learning models.

Talk 3: Graphing, Alerts and Remediation by Sandy May. In this talk we will see the reporting options available in Azure Sentinel, highlighting their similarities to Azure Log Analytics. Sandy will start from the familiar, then show the power of graph reporting and flows for a SIEM, and how alerts can lead to automated remediation in Azure. Expect to see many interactive reports, dashboards and automation.

UK Azure User Group
Microsoft Reactor London
70 Wilson Street · London