Threat Hunting with Notebooks in Sentinel

Security threats are evolving rapidly, and traditional dashboards are no longer enough to keep pace with sophisticated attackers. Threat hunting with programmatic notebooks allows security analysts to dig deeper, automate investigation workflows, and uncover hidden anomalies. This text-based course guides you through the foundational concepts of modern threat hunting using Jupyter Notebooks integrated with Sentinel. You will transition from manual log analysis to writing expressive, reusable hunting queries and automating data visualization. What you'll learn: - Understand the core principles of proactive threat hunting and Sentinel integration - Write foundational Kusto Query Language (KQL) queries to extract security telemetry - Configure Jupyter Notebooks to connect securely to your security data lakes - Analyze and manipulate security logs using modern pandas dataframe workflows - Visualize anomaly data and attack paths using programmatic libraries - Apply structured hunting methodologies to identify persistent threats You will start with key terminology and foundational security concepts before moving step-by-step through setting up your environment, executing queries, and building your first hunting notebook. This course is designed for security analysts, system administrators, and aspiring cybersecurity professionals looking to build modern threat-hunting skills from scratch. No prior experience with notebooks or advanced programming is required. Start your journey into programmatic threat hunting and elevate your security operations today.