Partner Skilling Catalog

PSC

Specialize Microsoft Sentinel for an Agentic SOC
Security
Modern SecOps with Unified Platform
Intermediate
Microsoft SentinelMicrosoft Sentinel

Specialize Microsoft Sentinel for an Agentic SOC

Discover how Microsoft Sentinel empowers you to position a modern, cloud-native SIEM and SOAR solution that addresses todays toughest security challenges. This session will equip you to Articulate Sentinel value in simplifying threat detection, reducing alert fatigue, and accelerating response times for customers. Learn how Sentinel integration with Microsoft Defender, its architecture, and key capabilities that drive business outcomes such as intelligent security analytics, proactive threat hunting, and automation with Security Copilot. How to deploy and connect this SIEM and SOAR solution to different data sources. Showcase how Sentinel helps customers modernize their SOC with AI enabled Security Copilot.

4.5 hours(Suggested: 3 days, 1.5h/day)PresalesTech Deal Ready

MS Course ID: 00954

Last Updated: Feb 5, 2026

Get Started

Pre-requisites

Familiarity withnetworking, identity and security and Azurecloud services

Related Certifications

SC-200

Course Syllabus

1

Planning SOC deployment with Microsoft Sentinel in Defender portal

• The threat landscape and SOC challenge
• Modernize the SOC to defend against the evolving threat landscape
• Microsoft Sentinel SIEM Overview

Platform Architecture

SIEM Key capabilities

Detect, Investigate and Respond

Unified Security Operations with Defender Portal

• Planning for Sentinel SIEM deployment

Workspace Architecture Planning

Sample workspace designs

Prioritize Data Connectors

Plan Data retention and data tiering models with Analytics and Data Lake

Plan costs and understand billing

• Deploy Microsoft Sentinel SIEM

Enable initial content

Connect Microsoft Sentinel to the Microsoft Defender portal

• Deploy Microsoft Sentinel Platform

Microsoft Sentinel Graph (Preview) Overview

Onboarding Sentinel to Data Lake and Graph

• Sentinel Deployments - Best Practices
• How customers can get started - Offers and resources
• Build a business case with Security BCB
• Partner Resources
90 mins
Lecture
2

Implementing Unified SecOps with Microsoft Sentinel in Defender portal

• Sentinel experience in Microsoft Defender portal
• Threat intelligence with Microsoft Sentinel
• Data Analysis and Threat Detection
• Threat hunting
• Threat Analysis in Microsoft Defender
• Investigate incidents
• Investigate incidents in Security Copilot
• Respond to threats
• Security Copilot agents and Security Store
• Manage your unified SOC in Defender portal
• Customer Stories
• Discussion and Wrap up
90 mins
Lecture
3

Build your Response

Customer Case Study

• Business Scenario
• Technology Background
• Customer challenges
• Requirements
• Objections

Present your solution

• Build a 3-5 min pitch as your response to the customer
• Present your pitch
• Handle objections

Preferred Response

90 mins
Lecture

What You'll Learn

Understand core concepts and best practices
Hands-on experience with real-world scenarios
Learn from certified Microsoft experts
Prepare for relevant certifications
Access to lab environments
Post-training support and resources

Course Details

Duration
4.5 hours
Level
Intermediate
Role
Presales
Course Type
Tech Deal Ready
Partner Segment
SMB, Enterprise
Course Stage
Available
Hands-on Labs
No

Partner Skilling Catalog

Comprehensive course catalog for Microsoft partners. Access world-class training on Azure, AI, Security, and more to accelerate your cloud journey.

Connect

Legal & Support

© 2026 Technofocus. All rights reserved.

Sponsored by Microsoft Partner Enablement