Becoming a Microsoft Sentinel Expert

AVG Duration3h


This learning path takes you through the basics to an expert level with the Microsoft Sentinel SIEM tool to advance in Security operations in Azure Cloud.

If you have any feedback relating to this learning path, feel free to get in touch with us at

Learning Objectives

  • Understand the Microsoft Sentinel offering and capabilities
  • Use Data Connectors in the Sentinel workspace
  • Create and Use Analytics Rule to investigate threats
  • Create Playbooks to automate threat response
  • Use the Threat Hunting dashboard to proactively hunt for threats

Intended Audience

  • Anyone who wants to become an Azure Security Engineer


  • An understanding of general IT concepts, especially networking and programming
  • An understanding of basic Azure services such as log analytics, storage, and compute


Your certificate for this learning path

Training Content

Course - Beginner - 2m
Learning Path Introduction - Becoming a Microsoft Sentinel Expert
This course introduces the Becoming a Microsoft Sentinel Expert learning path which covers the a range of aspects of the Microsoft Sentinel service.
Hands-on Lab - Beginner - 1h
Introduction to Microsoft Sentinel
Learn how to use Microsoft Sentinel security tools to collect, investigate and hunt threats using this hands-on lab.
Hands-on Lab - Intermediate - 1h 30m
Investigating Security Events using Microsoft Sentinel
Learn how to investigate security attacks on a Windows virtual machine using Microsoft Sentinel Analytics Rule in this hands-on lab.
Hands-on Lab - Advanced - 1h 30m
Automating Threat Response using Sentinel Playbooks
Learn how to automate Threat Response based on Incident trigger using Sentinel Playbooks in this hands-on lab.
Hands-on Lab - Intermediate - 1h
Advanced Threat Hunting in Microsoft Sentinel
Learn how to hunt for potential threats and generate incidents from bookmarks in your Azure Environments using Microsoft Sentinel in this hands-on lab.
Hands-on Lab Challenge - Intermediate - 1h 30m
Azure Sentinel Incident Triage Challenge
Put your Azure Sentinel skills to the test as you triage incidents in this hands-on lab challenge.
About the Author
Learning paths2

Parveen is an Azure advocate with previous experience in the professional consulting services industries. He specializes in infrastructure and DevOps with a wide range of knowledge in security and access management. He is also an Azure Certified - DevOps Engineer Expert, Security Engineer, Developer Associate, Administrator Associate, CompTIA Certified - Network+, Security+, and AWS Cloud Practitioner.
Parveen enjoys writing about cloud technologies and sharing the knowledge with the community to help students upskill in the cloud.