Microsoft Sentinel + Azure Lighthouse
Microsoft Sentinel paired with Azure Lighthouse is the SIEM/SOAR solution of choice for Managed Security Services Providers (MSSPs), especially since there is no charge for data ingestion from Microsoft data sources. Come to this course to learn more.
Microsoft Sentinel is a cloud-based SIEM/SOAR solution that allows you to ingest audit log data from Microsoft 365 as well as many other sources, and then analyze and alert on that data. Azure Lighthouse is a separate product that allows you to see multiple Customer subscriptions from your Microsoft Partner tenant. Putting these two technologies together could be the building blocks for a Managed Security Services offering.
- The core functions
- Microsoft Sentinel (SIEM) vs. Microsoft 365 Defender (XDR)
- Costs & Billing
- How to set up Lighthouse
- PPTX deck