Below you will find pages that utilize the taxonomy term “Security”
AI Security Skills Challenge - Week 1: Defender for Cloud Deployment Mastery
Week 1 Overview
This week focused on mastering Microsoft Defender for Cloud deployment through three distinct approaches, building a solid security infrastructure foundation to support AI integration in subsequent weeks. The primary goal was to establish comprehensive deployment expertise while preparing for Week 2’s modern unified security operations platform.
Planned Activities
Deployment Mastery Approaches
- Azure Portal Deployment: Comprehensive learning path with visual interface and detailed explanations
- Modular Infrastructure-as-Code: PowerShell + Bicep templates for controlled automation
- Complete Automation: Enterprise-ready single-command deployment
- Regional Deployment Configuration: East US deployment for complete AI security coverage and Week 2 compliance
Infrastructure Foundation
- Baseline security policies and monitoring configuration
- Enablement of Defender for Cloud plans across all subscription services
- Virtual machine deployment for testing and validation scenarios
- Implementation of Just-in-Time (JIT) access policies
- Microsoft Sentinel integration for SIEM capabilities
Documentation and Validation
- Deployment comparison guide with practical recommendations
- Week 2 bridge validation for modern unified security operations readiness
- Automated decommission scripts for lab cleanup
- Learning resources compilation and organization
Key Deliverables
1. Three-Approach Deployment Mastery
Status: [COMPLETE]
Microsoft Sentinel Infrastructure as Code - Automation Framework Overview
Project Overview
If you’ve ever found yourself manually clicking through the Azure portal to deploy resources, what starts as a simple “quick setup” quickly becomes hours of configuration, validation, and hoping you didn’t miss a critical setting. That’s exactly the problem I set out to solve with this Infrastructure as Code automation framework.
This project represents my journey to build a comprehensive solution for deploying and managing Microsoft Sentinel environments using Azure DevOps Pipelines. The goal was simple: make security operations scalable, repeatable, and easy to update.
Microsoft Sentinel-as-Code
Version: 1.0.0
Author: Marcus Jacobson
License: MIT
Repository: GitHub
Project Status
- Foundation Infrastructure: COMPLETE
- Analytics Rules (NRT): COMPLETE
- Analytics Rules (Scheduled): COMPLETE
- Watchlist Automation: COMPLETE
- Hunting Queries: Planned
- Automation Rules: Planned
- Workbooks: Planned
- Data Connectors: Available via Content Hub
Project Goal
This project provides a comprehensive automation framework for deploying and managing Microsoft Sentinel environments using Azure DevOps Pipelines. The framework enables organizations to implement security operations at scale with consistency, repeatability, and governance through Infrastructure as Code (IaC) principles.