Cloud Computing and Virtualisation

Microsoft DW-301 - Migrating your SIEM Solution to Microsoft Sentinel Deployment Workshop

  • Length 2 day
  • Price  NZD 1800 exc GST
Course overview
View dates &
book now
Register interest

Why study this course

This workshop provides a comprehensive understanding of Microsoft Sentinel, from basic concepts to advanced post-migration optimisation strategies. Students will learn how to effectively plan and execute migrations from legacy SIEM systems, implement best practices for automation, and utilise analytical tools to enhance security operations.

Request Course Information


What you’ll learn

After completing this course, students will be able to:

  • Understand Microsoft Sentinel basic concepts

  • Plan the migration

  • Migrate to Microsoft Sentinel from the Legacy SIEMs

  • Conduct post-migration optimisation


Microsoft Solutions Partner - Cloud - Training Services Logo

Microsoft Azure at Lumify Work

Lumify Work has been delivering effective training across all Microsoft products for over 30 years. We are proud to be both Australia's and New Zealand’s first Microsoft Gold Learning Solutions Partner and the winner of the Microsoft MCT Superstars Award for FY24, which formally recognises us as having the highest quality Microsoft Certified Trainers (MCTs) in ANZ. All Lumify Work Microsoft Azure courses follow Microsoft Official Curriculum (MOC) and are led by MCTs.


Who is the course for?

  • Security Engineers

  • Security Operations Analysts

  • IT Security Professionals


Course subjects

Module 1: Microsoft Sentinel basic concepts

  • Microsoft Cloud Fundamentals

  • Log Analytics Fundamentals

  • High level Architecture Design

  • Sizing and Cost Components

  • Data Collection

  • Multi-cloud Environment

  • Automation /SOAR with Microsoft Sentinel

  • Threat Intelligence

  • MITRE Att&ck

  • Analytical Rules

  • Sentinel Workbooks

  • DevOps – CI/CD Automation

Module 2: Planning the migration

  • Planning your Migration

  • Designing your Microsoft Sentinel workspace architecture

  • Microsoft Sentinel content and solutions

  • Writing Queries using Kusto Query language

  • Creating Threat detection rules

Module 3: Migrating to Microsoft Sentinel from the Legacy SIEMs

  • Migrating Detection rules

  • Migrating SOAR Automation

  • Migrating historical data

  • Converting dashboards to workbooks

  • Updating SOC Processes

Module 4: Post-migration optimisation

  • Permissions in Microsoft Sentinel

  • Integrating Threat Detection

  • Hunt for threats

  • User Entity Behaviour Analytics

  • Creating Automation rules

  • Using Playbooks for Automation

  • Investigating incidents

  • Multi-customer Management after Migration


Prerequisites

  • Fundamental understanding of Microsoft Azure

  • Basic understanding of Microsoft Sentinel

  • Experience using Kusto Query Language (KQL) in Microsoft Sentinel


Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.


Request Course Information

Awaiting course schedule

If you would like to receive a notification when this course becomes available, enter your details below.

Personalise your schedule with Lumify USchedule

Interested in a course that we have not yet scheduled? Get in touch, and ask for your preferred date and time. We can work together to make it happen.