Microsoft Sentinel helps organizations protect their Microsoft 365 tenants by providing insight into activity that might require investigation. This article shows how to set up Microsoft Sentinel with a basic configuration that delivers a great deal of value by enhancing your security posture. In just four simple steps, you can connect Microsoft Sentinel to other Microsoft Cloud Security products to get a single pane of glass for incidents and automate security response through playbooks.
While Microsoft Sentinel is certainly an excellent product, many organizations lack clear understanding around Microsoft 365 Defender and if it also provides a way to aggregate multiple security products. Microsoft MVP Thijs Lecomte explores the differentiators in this article: having a bird's eye view across security products, automation, third-party data sources, and more importantly - why you should enable it.
Continuing our review of practices to protect cloud infrastructures from weaknesses that can be introduced from on-premises accounts, we consider admin rights, authentication, and conditional access policies. Plus the need to collect and analyze the log data available in cloud environments to make sure that nothing nasty is slipping through.