Better Together: Next Gen SOC Powered by Microsoft Sentinel and Tanium
This lab focuses on integrating Tanium with Microsoft Sentinel to enhance SOC (Security Operations Center) capabilities. The integration utilizes Tanium connectors and Sentinel's real-time capabilities to offer several benefits:
Data Integration: Students will learn how to send data from Tanium to Sentinel and create incidents using the Tanium connection.
Incident Management: Students will work with both automated and manual incident actions, using Tanium as a data source.
Real-time Remediation: Students will use Tanium's API for real-time remediation actions within Sentinel.
Pre-Req(s): Practical experience with Tanium, specifically Threat Response; basic understanding of Microsoft Sentinel