Is the training Qualiopi certified?

Yes, Learni is a Qualiopi-certified training organization. This certification guarantees the quality of our courses and enables funding through OPCO and other mechanisms.

How can I fund my training?

Our courses are eligible for OPCO funding. Learni supports you through the funding process. A personalized quote is available upon request.

What are the prerequisites for this training?

The prerequisites for the Training Azure Sentinel - Detecting and Responding to Cyber Threats training are: Solid knowledge of Azure AD, KQL, and security log management. A preliminary interview validates your eligibility.

Is the training available in person?

Yes, the Training Azure Sentinel - Detecting and Responding to Cyber Threats training is available in distanciel. The format can be adapted to your needs (inter, intra, custom).

Training Azure Sentinel - Detecting and… | Learni

The story of Learni

Founded by passionate advocates of learning and innovation, Learni set out to make professional training accessible to everyone, everywhere in the world. Our team works in the largest cities such as Paris, Lyon, Marseille, and internationally, to support talents and organizations in their skills development.

Configure your training

Response within 24hNo commitment100% free

8 spots remaining for the next session

FormatParticipantsDateDetails

Which format do you prefer?

Methods, approaches, and teaching resources

The Training Azure Sentinel - Detecting and Responding to Cyber Threats training is delivered in-person or remotely (blended-learning, e-learning, virtual classroom, remote in-person). At Learni, a Qualiopi-certified training organization, each program is designed to maximize skills acquisition, regardless of the training mode chosen.

The trainer alternates between demonstrative, interrogative, and active methods (through practical exercises and/or real-world scenarios). This pedagogical approach ensures concrete and directly applicable learning in the workplace.

Teaching resources provided

To ensure the quality of the Training Azure Sentinel - Detecting and Responding to Cyber Threats training, Learni provides the following teaching resources:

Mac or PC computers, high-speed fiber internet, whiteboard or flipchart, video projector or interactive touchscreen (for remote sessions)
Training environments installed on workstations or accessible online
Course materials, practical exercises, and supplementary resources
Post-training access to materials and teaching resources

For in-house training at a location external to Learni, the client ensures and commits to having all necessary teaching materials (IT equipment, internet connection...) for the proper conduct of the training action in accordance with the prerequisites indicated in the communicated training program.

* contact us for remote feasibility** ratio varies depending on the training followed

Assessment methods

The assessment of skills acquired during the Training Azure Sentinel - Detecting and Responding to Cyber Threats training is carried out through:

During training: case studies, practical exercises, and professional scenarios
At the end of training: self-assessment questionnaire and skills evaluation by the trainer
After training: training completion certificate detailing acquired skills

Training accessibility

Learni is committed to the accessibility of its professional training programs. All our training programs are accessible to people with disabilities. Our teams are available to adapt teaching methods to your specific needs. Do not hesitate to contact us for any accommodation request.

Training objectives

Master advanced Azure Sentinel configuration for professional supervision

Develop custom analytics rules to detect enterprise threats

Implement automation playbooks for rapid incident response

Optimize investigations with Jupyter notebooks and UEBA

Design certified dashboards for SOC monitoring

Integrate Azure Sentinel with hybrid SIEMs and third-party tools

Training program

Module 1Azure Sentinel Configuration: Deployment and Advanced Connectors (workspaces, log ingestion)

Installation and setup of a dedicated Log Analytics workspace for Azure Sentinel, connection of multiple data sources such as Azure AD, Office 365, and Windows endpoints, configuration of SIEM connectors for optimized log ingestion, practical exercises on a simulated enterprise environment, creation of initial basic rules and real-time data flow verification to validate security coverage.

Module 2Azure Sentinel Detection: Analytics Rules and Hunting Queries (KQL, ML behaviors)

Writing advanced KQL queries to analyze logs and detect anomalies, developing custom analytics rules based on real persistent threat cases, using machine learning for UEBA and identifying malicious entities, practical workshops on simulated attack scenarios such as ransomware or data exfiltration, production of alert reports and tuning thresholds to minimize false positives.

Module 3Azure Sentinel Response: Investigations and Automation Playbooks (Logic Apps, SOAR)

Conducting in-depth investigations via the Incidents and Bookmarks module, triaging merged alerts and event timelines, implementing Logic Apps playbooks to automate responses such as IP blocking or host isolation, integration with Microsoft Defender for complete SOAR orchestration, exercises on concrete zero-day incident cases, creation of deliverables like emergency procedures and response documentation.

Module 4Azure Sentinel Optimization: Dashboards, Tuning, and Enterprise Integrations (API, export)

Designing custom dashboards with Sentinel Workbooks for real-time SOC visualization, optimizing costs and performance via sampling and retention policies, advanced integration with third-party tools like Splunk or ServiceNow via API, workshops on data export and GDPR compliance, final ongoing project with complete solution deployment, code review and maintenance plan for sustainable professional adoption.