Microsoft Sentinel Best Practices: DO’s and DON’Ts
Microsoft Sentinel best practices for 2026: reduce SIEM ingestion costs, tune KQL detections, avoid alert fatigue, optimize retention, and migrate to the Defender security portal.

Microsoft Sentinel is a powerful security information and event management (SIEM) system that provides real-time threat detection and response (you can read more about Sentinel in part 1 of this series). It allows security teams to collect, analyze, and act on security data from multiple sources, including Azure, Office 365,

Microsoft Sentinel is a cloud-native security information and event management (SIEM) platform that enables organizations to collect, analyze, and respond to security events across their enterprise (for an introduction please see the first post in this series). Data ingestion is a critical component of the Sentinel platform, as it allows

Microsoft Sentinel is a cloud-native security information and event management (SIEM) system that provides real-time threat detection and response as well as security orchestration, automation and response (SOAR). It is a powerful tool that allows security teams to collect, analyze, and act on security data from multiple sources. In this

Since we have Azure Sentinel in preview, let’s give it a test spin. Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across the enterprise. Azure Sentinel aggregates data from a lot of sources, including users,