Microsoft Sentinel with Sarah Young

About Show #883

Are you using Microsoft Sentinel? Richard talks to Cloud Security Advocate Sarah Young about Sentinel, Microsoft's Security Information and Event Management (SIEM) solution. Sarah talks about the role of the SIEM in creating a common place for all security-related data to arrive. She mentions some of the many tools in the Microsoft suite that feed into Sentinel, with Defender for Endpoints, Identity, and Cloud as examples. Specialized analysis tools send summaries to Sentinel, but Sentinel can also process raw logs. Make sure you need the data, because billing for Sentinel is connected to the number of ingress sources. There's a lot to learn, but also a lot of great documentation and information to work from. Check the show notes for links!

Links:

Recorded April 6, 2023

 

Sarah Young is a Senior Cloud Security Advocate working at Microsoft. She has lived all over the place but currently calls Melbourne home. Sarah has been working in cyber security since before it was cool, holds numerous industry qualifications, and has co-authored a few Microsoft Press technical books. In 2019, Sarah won the Security Champion award at the Australian Women in Security Awards. She is an active supporter of both local and international security and cloud native communities. Sarah spends most of her spare time speaking at security conferences in various parts of the world, eating hipster brunches and high teas, and spending a disproportionate amount of her income on her dogs.
 
