Welcome to Scribd!

L400-P8 Notebooks and Hunting

Uploaded by

0% found this document useful (0 votes)

5 views14 pages

This document provides an overview of using notebooks in Azure Sentinel for hunting and investigations. Notebooks allow you to create interactive documents containing live code, visualizations, and narrative text. They provide benefits like a full scripting environment, data persistence, sharing capabilities, and access to various libraries. The document recommends building notebooks on the fly for deep investigations or hunting, and authoring reusable notebooks as templates. It also lists KQL Magic and MSTICPY as tools for using KQL and the Microsoft Threat Intelligence Python SDK in notebooks.

Original Description:

Copyright

Available Formats

PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Report this Document

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

0% found this document useful (0 votes)

5 views14 pages

L400-P8 Notebooks and Hunting

Uploaded by

H Z

Copyright:

Available Formats

Download as PDF, TXT or read online from Scribd

Flag for inappropriate content

Download as pdf or txt

Jump to Page

You are on page 1of 14

Search inside document

Azure Sentinel Level 400

Hunting and using

notebooks
• In this module you will learn
Overview how to hunt using Azure
Sentinel.

• Azure Sentinel Overview

Pre- module.
requisites
• KQL workshop.
Hunting
© Microsoft Corporation Azure
Visualize data sets



Notebooks
• A web app for creating and
running interactive
documents.
• Documents contain:
• live code,
• Visualizations
• Narrative text
• App Server can be:
• Free MS service
• Azure VM, Local Docker
• Data persistency
• Full scripting/programming environment (vs. declarative query)
• Sharing, Knowledge base
• Access to a wide variety of libraries:
• Machine learning
• Advanced data manipulation and analysis
• Visualization

Also read Why Use Jupyter for Security Investigations

• Building notebooks on the fly
• Tier 3 Analysts requiring deep investigation capability
• Hunters/Threat Intel analysts
• Authoring reusable notebooks
• By Tier 3 analysts and SOC Engineering
• For use as template notebooks by Tier 1+
• KQL Magic
• MSTICPY
 Notebooks lab

 Kqlmagic

 Msticpy

 Why Use Jupyter for Security Investigations

Microsoft Sentinel Training Notes
Document16 pages
Microsoft Sentinel Training Notes
xapehox362
No ratings yet
AZ-900T01 Microsoft Azure Fundamentals-02
Document27 pages
AZ-900T01 Microsoft Azure Fundamentals-02
Summon
No ratings yet
AZ-103T00A: Microsoft Azure Administrator: About This Course
Document3 pages
AZ-103T00A: Microsoft Azure Administrator: About This Course
sp
No ratings yet
03 Microsoftazurefundamentalssolutions 11606403870213
Document25 pages
03 Microsoftazurefundamentalssolutions 11606403870213
cvb vbn
No ratings yet
Azure Cloud Week Curriculum
Document24 pages
Azure Cloud Week Curriculum
Fadhil Muhammad
No ratings yet
Mastering Azure DevO
Document7 pages
Mastering Azure DevO
Satish
No ratings yet
Google Cloud Services Part II
Document30 pages
Google Cloud Services Part II
archiseth_516303960
No ratings yet
Microsoft Certified Azure Developer Associate
Document8 pages
Microsoft Certified Azure Developer Associate
DotNetTricks
No ratings yet
DP-203T00 Data Engineering On Microsoft Azure
Document12 pages
DP-203T00 Data Engineering On Microsoft Azure
Forjohna Shaik
No ratings yet
CC Unit 4
Document7 pages
CC Unit 4
Sakeena Alam
No ratings yet
Eslog Data Sheet
Document7 pages
Eslog Data Sheet
IcursoCL
No ratings yet
Mastering Azure DevOps Solutions
Document7 pages
Mastering Azure DevOps Solutions
BNREDDY PS
100% (1)
20765C 07
Document29 pages
20765C 07
douglas
No ratings yet
Azure Masters Catalog
Document41 pages
Azure Masters Catalog
Raj
No ratings yet
MIE1628 Big Data Analytics Lecture8
Document82 pages
MIE1628 Big Data Analytics Lecture8
Viola Song
No ratings yet
Azure Development Training Mallaiah Somula PDF
Document10 pages
Azure Development Training Mallaiah Somula PDF
Praveen Madupu
No ratings yet
Azure Container Services
Document14 pages
Azure Container Services
amish raj
No ratings yet
Mastering Microsoft Azure
Document8 pages
Mastering Microsoft Azure
pratibha777
No ratings yet
Azure Masters Catalog
Document51 pages
Azure Masters Catalog
Mouadh Khelifi
100% (1)
Mini Assignments
Document4 pages
Mini Assignments
RaviRamachandra R
No ratings yet
Essentials On Azure DevOps Services and GitHub Book 6
Document102 pages
Essentials On Azure DevOps Services and GitHub Book 6
felixlui1
No ratings yet
Course Syllabus: AZURE202x: Azure Virtual Machines
Document2 pages
Course Syllabus: AZURE202x: Azure Virtual Machines
Juan Casachagua
No ratings yet
Presentation On MVC and ORM
Document73 pages
Presentation On MVC and ORM
PrateekChauhan
No ratings yet
Pythons Q Lite
Document7 pages
Pythons Q Lite
shaykebitton
No ratings yet
Android Developer: Pixel - IT
Document12 pages
Android Developer: Pixel - IT
ajay
No ratings yet
AI Engineer Using Microsoft Azure Nanodegree Program Syllabus
Document14 pages
AI Engineer Using Microsoft Azure Nanodegree Program Syllabus
Cylub
No ratings yet
Exam Az 300 Microsoft Azure Architect Technologies Skills Measured
Document11 pages
Exam Az 300 Microsoft Azure Architect Technologies Skills Measured
ud
100% (1)
Introduction To Serverless Compute With Azure Functions: Callon Campbell Systems Architect
Document30 pages
Introduction To Serverless Compute With Azure Functions: Callon Campbell Systems Architect
Khai Eman
No ratings yet
Planning and Implementing Data Services
Document33 pages
Planning and Implementing Data Services
Alok Sharma
No ratings yet
Azurearchitecture
Document2 pages
Azurearchitecture
Abhirath Seth
No ratings yet
Ch4 OpenStack New (Autosaved)
Document242 pages
Ch4 OpenStack New (Autosaved)
aka
No ratings yet
DevOps Course Content
Document11 pages
DevOps Course Content
IntelliQ IT
No ratings yet
MS Azure - Azure Devops-Syllabus
Document14 pages
MS Azure - Azure Devops-Syllabus
shazil shaik
No ratings yet
Microsoft Azure Administrator Guia AZ 104
Document5 pages
Microsoft Azure Administrator Guia AZ 104
Roberto Lopez
No ratings yet
Applications Natives Du Cloud.
Document105 pages
Applications Natives Du Cloud.
abdelwahed
No ratings yet
WorkshopPLUS - Modernizing Applications With Containers and Orchestrators
Document2 pages
WorkshopPLUS - Modernizing Applications With Containers and Orchestrators
valfer1981
No ratings yet
Croma Campus - Cloud Computing Training Curriculum
Document6 pages
Croma Campus - Cloud Computing Training Curriculum
Clement Ebere
No ratings yet
Security Best Practices in Azure Cloud - Viktorija Almazova
Document31 pages
Security Best Practices in Azure Cloud - Viktorija Almazova
gemstone lab
100% (1)
AZ103Microsoft Azure Administrator
Document5 pages
AZ103Microsoft Azure Administrator
Amar Singh
No ratings yet
DP 203T00A ENU AssessmentGuide
Document13 pages
DP 203T00A ENU AssessmentGuide
wciscato
No ratings yet
Hunt For Threats Using The Microsoft Sentinel Portal Slides
Document32 pages
Hunt For Threats Using The Microsoft Sentinel Portal Slides
Jesse Oliveira
No ratings yet
OE Unit2
Document26 pages
OE Unit2
hackcodes.freecluster
No ratings yet
Security
Document66 pages
Security
Husseni Muzkkir
No ratings yet
Az 104
Document6 pages
Az 104
dipaksingh1980
No ratings yet
DP-070T00 Migrate Open Source Data Workloads To Azure-01
Document28 pages
DP-070T00 Migrate Open Source Data Workloads To Azure-01
Nguyen Khanh Hoa (TGV)
No ratings yet
M06 - PaaS Security
Document87 pages
M06 - PaaS Security
dlafuented
No ratings yet
Openstack PDF
Document633 pages
Openstack PDF
ersindir
No ratings yet
AZ-900: Microsoft Azure Fundamentals Exam Resources
Document7 pages
AZ-900: Microsoft Azure Fundamentals Exam Resources
Robin
No ratings yet
AZ 104T00A ENU CourseOutline
Document4 pages
AZ 104T00A ENU CourseOutline
Brice TOSSAVI
No ratings yet
SouravRoy FullStackCloudMicroservicesDeveloper Profile
Document4 pages
SouravRoy FullStackCloudMicroservicesDeveloper Profile
hrmohammedabubakar
No ratings yet
Microservices, Container Docker and Kubernetes
Document26 pages
Microservices, Container Docker and Kubernetes
Abidzar Muhammad Ghifari
No ratings yet
19 Tuesday, December 19, 2023, Midterm Review
Document8 pages
19 Tuesday, December 19, 2023, Midterm Review
Pisethsambo Phok
No ratings yet
Flask-Basic-Introducation
Document7 pages
Flask-Basic-Introducation
swatantra.yadav
No ratings yet
Azure Data Engineer
Document54 pages
Azure Data Engineer
parashar1505
100% (4)
Developers
Document20 pages
Developers
Tentu Jayaram
No ratings yet
Pavan Gatadi DevOps Engineer Resume
Document5 pages
Pavan Gatadi DevOps Engineer Resume
Harshvardhini Munwar
No ratings yet
G1 Midori PPT
Document17 pages
G1 Midori PPT
Shah Dishank
No ratings yet
WWW - Aka.ms/pathways: Getting Started Role Based Certification Doing More Going Further.. and Further
Document1 page
WWW - Aka.ms/pathways: Getting Started Role Based Certification Doing More Going Further.. and Further
Marwan Saad
100% (1)
Course
Document27 pages
Course
Anonymous IVxadA7HR
No ratings yet
Hands-on Azure Functions with C#: Build Function as a Service (FaaS) Solutions
From Everand
Hands-on Azure Functions with C#: Build Function as a Service (FaaS) Solutions
Ashirwad Satapathi
No ratings yet