About this episode
Centralize, retain, and query high-volume, long-term security data across Microsoft and third-party sources for up to 12 years using Microsoft Sentinel's new unified data lake. Correlate signals, run advanced analytics, and perform forensic investigations from a single copy of data—without costly migrations or data silos. Detect persistent, low-and-slow attacks with greater visibility, automate responses using scheduled jobs, and generate predictive insights by combining Copilot, KQL, and machine learning. Vandana Mahtani, Microsoft Sentinel Principal Product Manager shows how to uncover long-running threats, streamline investigations, and automate defenses—all within a unified, AI-powered SIEM experience. ? QUICK LINKS: 00:00 - Microsoft Sentinel Data Lake 01:49 - Data Management 02:46 - Table Management 03:36 - Data Lake exploration 04:17 - Advanced Hunting 05:23 - Query retention data 06:16 - Automate threat detection 07:18 - Move from reactive to predictive 08:50 - Wrap up ? Link References Check out https://aka.ms/SentinelDataLake ? Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos o
