Manage and use threat indicators
Classify and analyze data by using entities
Create custom logs in Azure Log Analytics to store custom data
Query Microsoft Sentinel data by using Advanced SIEM Information Model (ASIM) parsers
Develop and manage ASIM parsers
Configure automation rules
Create and configure Microsoft Sentinel playbooks
Configure alerts and incidents to trigger automation
Use automation to remediate threats
Use automation to manage incidents
Triage incidents in Microsoft Sentinel
Investigate incidents in Microsoft Sentinel
Respond to incidents in Microsoft Sentinel
Investigate multi-workspace incidents
Identify advanced threats with Entity Behavior Analytics
Activate and customize Microsoft Sentinel workbook templates