Chapter 1: Getting Started with Azure Sentinel

Welcome to the first chapter in this book about Azure Sentinel. To understand why this solution was developed, and how best to use it in your organization, we need to explore the cloud security landscape and understand each of the components that may feed data into, or extract insights from this system. We also need to gain a baseline understanding of what a strong Security Operations Center (SOC) architecture looks like, and how Azure Sentinel is going to help to build the foundations for a cost-effective and highly automated cloud security platform.

In this chapter, we will cover the following topics:

• The current cloud security landscape
• The cloud security reference framework
• SOC platform components
• Mapping the SOC architecture
• Security solution integrations
• Cloud platform integrations
• Private infrastructure integrations
• Service pricing for Azure Sentinel
• Scenario mapping