From the course: Complete Guide to Microsoft Copilot for Security: Empower and Protect the Security Operations Center (SOC) by Microsoft Press
7.5 Use case: Incident response - Microsoft Security Copilot Tutorial
7.5 Use case: Incident response
- [Instructor] So with Copilot for Security, it's really changing the game on doing incident response and looking through incidents. Besides the fact that we can look at a lot of different areas with both Microsoft first-party and third-party products, but we also can call into effect these promptbooks. So these are repeatable processes that I would do on every incident investigation and take a look at what's going on. So in this case, I'm going to choose a Sentinel incident investigation because in my case, I'm using Sentinel, which many of the people that are using Copilot for Security are, but not everyone. Again, there's ways to be able to tie in data from other sources besides Sentinel, but as we've got in some upcoming sessions on how to tie in Sentinel Logic Apps as well. But, so I've got a Sentinel incident that I want to start working and start investigating. So I'm going to give that Sentinel incident ID that's popped up and I'm just going to hit run and run that through…