Professional Documents
Culture Documents
Cloud Architecture (MSSP Webinar Version, Sept 2020)
Cloud Architecture (MSSP Webinar Version, Sept 2020)
Multi-tenancy and
MSSP support
https://aka.ms/SentinelNinjaTraining
Azure: tenants, subscriptions, workspace etc.
Multi-Workspace best practices
Sovereignty & regulatory compliance • Yes
Granular data access control • Try using resource RBAC or table level RBAC
Granular retention settings • Try using table level retention settings or automate data deletion
cwsSecurityEvent | where ….
here
#3: Automate multi-workspace deployment
and configuration
#3a: Automate deployment and management
Use API, ARM or PowerShell to deploy Azure Sentinel across workspaces:
#3b: Operationalize Azure Sentinel using CI/CD
GitHub
Azure DevOps
Azure Pipelines