Learning path
Microsoft Sentinel Fundamentals
Skill Level
Fundamentals
Duration 40 minutes
Updated Feb 22, 2026
About this learning path
The Microsoft Sentinel Fundamentals course provides a comprehensive overview of the Microsoft cloud-native SIEM and SOAR platform. It begins with an introduction to Sentinel's architecture, highlighting how it aggregates data across users, devices, and applications to provide a bird's-eye view of an organization's security posture.
The curriculum then dives into Threat Intelligence, teaching students how to ingest and manage indicators of compromise (IOCs) from various feeds to proactively identify malicious activity. Central to the course is Analytics, where learners master the Kusto Query Language (KQL). Through KQL, you'll learn to write high-performance queries to filter massive datasets, build custom detection rules, and hunt for sophisticated threats.
Your instructors
Prerequisites
- Technical Prerequisites
  - Basic Networking Knowledge: Understanding of the OSI model, TCP/IP, DNS, and the difference between Local Area Networks (LAN) and Wide Area Networks (WAN).
  - Identity & Access Management (IAM): Familiarity with how users are authenticated (passwords, MFA) and authorized (permissions, roles).
  - Common Security Concepts: Basic knowledge of firewalls, VPNs (Virtual Private Networks), and the "castle-and-moat" security philosophy.
  - Cloud Fundamentals: A high-level understanding of cloud service models (SaaS, PaaS, IaaS) since Zero Trust is heavily utilized in cloud environments.
- Recommended Experience
  - Professional Role: Typically aimed at IT administrators, security analysts, or network engineers.
  - Modern Workspace Knowledge: Awareness of remote work challenges, such as BYOD (Bring Your Own Device) and mobile workforce security.