Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
Artwork

Content provided by Jeremy Chapman and Microsoft Mechanics. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jeremy Chapman and Microsoft Mechanics or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

New data lake in Microsoft Sentinel

9:22
 
Share
 

Manage episode 496309014 series 2391604
Content provided by Jeremy Chapman and Microsoft Mechanics. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jeremy Chapman and Microsoft Mechanics or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Centralize, retain, and query high-volume, long-term security data across Microsoft and third-party sources for up to 12 years using Microsoft Sentinel’s new unified data lake. Correlate signals, run advanced analytics, and perform forensic investigations from a single copy of data—without costly migrations or data silos. Detect persistent, low-and-slow attacks with greater visibility, automate responses using scheduled jobs, and generate predictive insights by combining Copilot, KQL, and machine learning.

Vandana Mahtani, Microsoft Sentinel Principal Product Manager shows how to uncover long-running threats, streamline investigations, and automate defenses—all within a unified, AI-powered SIEM experience.

► QUICK LINKS:

00:00 - Microsoft Sentinel Data Lake

01:49 - Data Management

02:46 - Table Management

03:36 - Data Lake exploration

04:17 - Advanced Hunting

05:23 - Query retention data

06:16 - Automate threat detection

07:18 - Move from reactive to predictive

08:50 - Wrap up

► Link References

Check out https://aka.ms/SentinelDataLake

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

  continue reading

211 episodes

Artwork
iconShare
 
Manage episode 496309014 series 2391604
Content provided by Jeremy Chapman and Microsoft Mechanics. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jeremy Chapman and Microsoft Mechanics or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

Centralize, retain, and query high-volume, long-term security data across Microsoft and third-party sources for up to 12 years using Microsoft Sentinel’s new unified data lake. Correlate signals, run advanced analytics, and perform forensic investigations from a single copy of data—without costly migrations or data silos. Detect persistent, low-and-slow attacks with greater visibility, automate responses using scheduled jobs, and generate predictive insights by combining Copilot, KQL, and machine learning.

Vandana Mahtani, Microsoft Sentinel Principal Product Manager shows how to uncover long-running threats, streamline investigations, and automate defenses—all within a unified, AI-powered SIEM experience.

► QUICK LINKS:

00:00 - Microsoft Sentinel Data Lake

01:49 - Data Management

02:46 - Table Management

03:36 - Data Lake exploration

04:17 - Advanced Hunting

05:23 - Query retention data

06:16 - Automate threat detection

07:18 - Move from reactive to predictive

08:50 - Wrap up

► Link References

Check out https://aka.ms/SentinelDataLake

► Unfamiliar with Microsoft Mechanics?

As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.

• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries

• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog

• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:

• Follow us on Twitter: https://twitter.com/MSFTMechanics

• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/

• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/

• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

  continue reading

211 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Listen to this show while you explore
Play