0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Microsoft Unified XDR and SIEM Solution Handbook

You're reading from Microsoft Unified XDR and SIEM Solution Handbook Modernize and build a unified SOC platform for future-proof security

Product type Paperback

Published in Feb 2024

Publisher Packt

ISBN-13 9781835086858

Length 296 pages

Edition 1st Edition

Concepts

Cloud Security

Authors (2):

Raghu Boddu

Sami Lamppu

View More author details

Table of Contents (17) Chapters

Preface

1. Case Study – High Tech Rapid Solutions Corporation

2. Part 1 – Zero Trust, XDR, and SIEM Basics and Unlocking Microsoft’s XDR and SIEM Solution FREE CHAPTER

3. Chapter 1: Introduction to Zero Trust

4. Chapter 2: Introduction to XDR and SIEM

5. Chapter 3: Microsoft’s Unified XDR and SIEM Solution

6. Part 2 – Microsoft’s Unified Approach to Threat Detection and Response

7. Chapter 4: Power of Investigation with Microsoft Unified XDR and SIEM Solution

8. Chapter 5: Defend Attacks with Microsoft XDR and SIEM

9. Chapter 6: Security Misconfigurations and Vulnerability Management

10. Chapter 7: Understanding Microsoft Secure Score

11. Part 3 – Mastering Microsoft’s Unified XDR and SIEM Solution – Strategies, Roadmap, and the Basics of Managed Solutions

12. Chapter 8: Microsoft XDR and SIEM Implementation Strategy, Approach, and Roadmap

13. Chapter 9: Managed XDR and SIEM Services

14. Chapter 10: Useful Resources

15. Index

Why subscribe?

16. Other Books You May Enjoy

SOC journey with Microsoft’s unified security operations platform

In this section, we focus on the investigation experience by highlighting a few key features in a scenario where an organization is utilizing both Microsoft Sentinel and Microsoft Defender XDR in its SOC operations.

Typically, when an incident is created in the Sentinel incident queue, the SOC team receives a notification about the incident. Notifications can be sent to third-party solutions such as ServiceNow or Jira depending on what ticketing system the SOC team uses.

If a third-party SOAR solution is in use (for example, Cortex XSOAR, formerly Demisto), this can be the place where the investigation process starts. In some cases, typically in smaller organizations, there may not necessarily be a ticketing system in use for handling case management in SOC; rather, a Teams channel or email notifications may be the preferred way to get notified about new incidents.

Investigation in Microsoft Sentinel

...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Raghu Boddu

Raghu Boddu

Raghu Boddu is a Microsoft Security MVP based out of Texas. He works as Technical Director and leads Security & Threat Practice at Edgile, a Wipro company. A Visionary Leader with more than two decades of IT experience, helped many customers as advisory, specialization in Cyber Security, Legacy Migration & Modernization Strategies, multi-cloud/hybrid implementations, Digital Cloud Transformation Roadmaps, Cloud Native Architectures, etc. Raghu has earned dual masters (Master of Science in Information Services and Master of Science in Information Technology). He is a PMP certified, Agile Scrum certified & Six Sigma Green Belt certified and also holds Azure and AWS Solution Architect certifications.

See other products by Raghu Boddu

Lamppu

Lamppu

Sami Lamppu is a Cloud Security Lead at Netox, a Finland-based Cyber Security company. With over 20 years of IT experience, he is a distinguished expert in the field. He is not only a Microsoft Security MVP but also a passionate advocate for cloud security. For the past 8 years, he has been specializing in cloud security, focusing on innovative solutions and strategies. His expertise extends beyond the cloud, encompassing multi-cloud and hybrid implementations, as well as on-premises environments. Sami is the co-author of the "Entra ID Attack & Defense Playbook" (formerly known as the "Azure AD Attack & Defense Playbook"), and also blogs frequently. He holds a Bachelor's degree in business information technology and holds ~50+ Microsoft certifications, dating back to Windows Server 2003 and Windows XP.

See other products by Lamppu

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m