Building Microsoft Sentinel Usecases with automation using playbooks

Video description: Building Microsoft Sentinel Usecases with automation using playbooks

#Microsoft #Sentinel is nothing without good #usecases! In this video I'll demonstrate how you can set up Analytics rules (use cases) and automate the response to them by using #playbooks.

▼ In this video:
0:00 - Intro
1:05 - Coffee
2:56 - Introduction to Analytics Rules
4:04 - Alert rules based on other Microsoft security solutions
4:46 - Azure Sentinel Fusion (with Demo)
7:22 - Azure Sentinel Rule Templates (with Demo)
10:25 - Scheduled Rules (Theory)
22:50 - Scheduled Rules (Tips)
25:11 - Scheduled Rules - Demo: Analytics Rule setup
36:46 - Setting up automation rules
40:42 - Triggering the automation rule
41:39 - Check incident that has been generated
43:14 - Outro

▼ Automation rules explained:
   • Getting started with automation rules...  

▼ Pluralsight course about KQL queries
https://www.pluralsight.com/courses/k...

▼ Microsoft KQL docs
https://docs.microsoft.com/en-us/azur...

▼ My medium.com page
  / jeroenniesen  

▼ KustoKing
https://www.kustoking.com/

▼ Social Jeroen Niesen
Twitter:   / jeroenniesen

▼ Social AzureVlog
Twitter:   / azurevlog  
