Hi, all! Welcome to the weekly newsletter. And, welcome to all the new subscribers this week! For whatever reason, we had an even larger new subscriber week. Hey, I’m not complaining. The more the merrier.
This week, there’s a couple things I’d like to make mention of before leaving you with the week’s newsletter content.
First off, we have new survey available where you can supply your feedback. This one is around using more automation to help with investigation and incident workflow. The survey won’t take much of your time, but the results could be far reaching. So, if you time, please supply your feedback:
Sentinel Incident Workflow survey
Today, Microsoft Sentinel Automation rules and Playbooks can help automate the incident handling process and run some tasks on-demand. We have heard from customers that this doesn’t quite solve the “incident workflow” problem completely. We are looking to better solve this, end-to-end, and are open to creating new features to accomplish this. To scope the effort, we would love to hear from our customers.
Secondly, I don’t know if you caught it this week, but we have a new SC-series exam coming: SC-100- Microsoft Cybersecurity Architect.
- Design a Zero Trust strategy and architecture (30–35%)
- Evaluate Governance Risk Compliance (GRC) technical strategies and security operations strategies (20–25%)
- Design security for infrastructure (20–25%)
- Design a strategy for data and applications (20–25%)
The exam is supposed to drop in beta in April and once you take it with one of the other security focused exams (SC-200, SC-300, AZ-500, or MS-500) you level-up to Microsoft Certified: Cybersecurity Architect Expert.
I’m really looking forward to this exam. To hear more and keep tabs on when it officially releases, see: https://cda.ms/403
Lastly…I think it’s worth trumpeting that I delivered the 500th assessment certificate for the Must Learn KQL learning series this week! That’s a major accomplishment and something I didn’t expect. The series completed and the assessment made available only a couple weeks ago. Congratulations to all that have completed the series and passed the assessment!
Part of my daily workload now is to deliver certificates each morning, and the flow has been steady. If you’re still trying to get started with KQL and haven’t heard of this series yet, check out: https://aka.ms/MustLearnKQL
For those working through the training and getting ready to take the assessment - I have a certificate with your name on it!
That’s it from me for this week. Have a wonderful weekend all!