Over the course of the pandemic, the entire world switched to remote working, with Teams playing a key part - and the result is that Microsoft Teams has seen an unprecedented amount of growth. In many cases, Teams was thrown out quickly with little planning or governance, to quickly facilitate this shift to remote working.

Unfortunately, this increased usage means that the service has made Teams a more lucrative prize to attackers. Dealing with events and activities occurring across a Teams tenant becomes near impossible at scale. Enter Microsoft Sentinel to help us shutdown any potential threats proactively at scale in real-time.

In this session, we will take you through how to protect your Teams users and data by managing critical changes across and automatically remediate them using Microsoft Sentinel

After attending this session, you will understand at a high-level:

• How to connect Microsoft Teams to Microsoft Sentinel and start retrieving data
• Battle ready Sentinel queries to catch critical real-world Teams threats
• Making use of built-in SOAR capabilities to automate response and generate notifications when critical events occur within your environment, so your team is ready to act
Taking full advantage of Microsoft Teams and Sentinel integration to automate the creation of incident war rooms