Elevate your security analysis skills with the Kusto Query Language (KQL) training course, offering hands-on experience in a hyper-realistic lab environment! Whether you’re a security analyst or incident responder utilizing Microsoft Sentinel, Defender for Endpoint, or Microsoft 365 Defender XDR, or simply aspiring to master the KQL for security analysis, this course is for you!
Syllabus
-
Introduction to Databases and Logging
-
KQL Fundamentals and Exploring Data
-
Searching and Filtering Data
-
Creating and Manipulating Fields
-
Combining Data Sets
-
Joining Datasets
-
Using External Threat Intel Feeds
-
Time Traveling within the Logs
-
Aggregating Data
-
Visualizing Data
-
Time Series Analysis
-
Rapid Triage and Investigation Using KQL
-
Capstone: Incident Response and Threat Hunting
-
Course Wrap-Up
