Trym Håkansson

Incident Response & Detection Engineering

Practical IR, hunting, detections, playbooks, and operational learnings.

Links and short summaries only. Original sources credited.

  • Microsoft Sentinel documentation hub

    2024-10-09

    Central landing page for Sentinel features, data connectors, analytics, and operations.

    Microsoft Learn
  • Defender XDR overview and response workflows

    2024-09-22

    Guidance for investigating incidents, correlating signals, and responding across the XDR stack.

    Microsoft Learn
  • Sentinel data connector reference

    2024-07-29

    Connector catalog and setup guidance for bringing data into Sentinel.

    Microsoft Learn
  • Defender for Identity documentation

    2024-06-18

    Identity-focused detection capabilities and investigation workflows.

    Microsoft Learn
  • KQL quick reference

    2024-04-03

    Query language reference for building detections, hunts, and analytics.

    Microsoft Learn

    Why it matters: Helpful for refining detection logic and hunting queries.

  • Defender for Endpoint documentation

    2024-03-26

    Endpoint protection, investigation, and response guidance for Defender for Endpoint.

    Microsoft Learn
  • Security operations best practices

    2024-02-01

    Guidance on SOC workflows, incident response, and security operations maturity.

    Microsoft Learn

    Why it matters: Useful for aligning SOC operations and metrics.

  • Sentinel analytics rule templates

    2024-01-18

    Overview of built-in analytics rules and detection templates.

    Microsoft Learn
  • Defender XDR incident response guide

    2023-10-28

    Incident investigation workflow and response steps for Defender XDR.

    Microsoft Learn

More coming soon.