Tech Field Day

The Independent IT Influencer Event


Microsoft Sentinel Capabilities Demo with Abhishek Agrawal



Tech Field Day Exclusive with Microsoft Security


This video is part of the appearance, “Microsoft Security Platform Demos”. It was recorded as part of Tech Field Day Exclusive with Microsoft Security at 8:00-9:00 on October 9, 2025.



This presentation demonstrates Microsoft Sentinel’s evolution into a unified security platform, showing how a single console lets security practitioners manage and investigate threats across their entire digital estate. The core principle is that since “attackers think in graphs” and move across domains, defenders need a consolidated, cross-domain view. This is delivered through the Microsoft Defender console, which brings together tools for identity, endpoints, email, and cloud infrastructure. A key feature is the proactive exposure management capability, powered by the Sentinel Graph. It visualizes attack paths from internet-exposed assets to critical data, allowing teams to prioritize patching the most crucial vulnerabilities first, moving beyond simple vulnerability scanning to understanding true organizational risk.

For post-breach scenarios, the platform offers a unified incident queue that reduces alert fatigue by correlating alerts from both Microsoft and third-party sources into a single “Uber story.” When an incident occurs, the Sentinel Graph is used to stitch together the alerts into a coherent narrative and calculate the potential blast radius, showing analysts where an attacker could pivot next and helping them prioritize response actions. This graph-based approach also transforms threat hunting. While analysts can still run traditional Kusto Query Language (KQL) queries on recent data in the analytics tier, they can now also perform “posture hunting” directly on the graph to proactively find overprivileged access or risky configurations before they can be exploited.

These advanced capabilities are powered by the Sentinel Data Lake, which decouples storage and compute to allow for the cost-effective, long-term retention of high-volume data like syslogs and cloud trails. This data is stored in an open Delta Parquet format, enabling multiple forms of analysis on a single copy of the data. Analysts can run KQL queries for retro-hunts spanning years or perform deep, big-data analysis using Spark and Python directly within VS Code. This is further enhanced by AI, where the Sentinel MCP server and GitHub Copilot allow analysts to perform “vibe hunting.” They can use natural language to ask questions, discover relevant data tables in the lake, and even have the AI generate entire Python analysis notebooks, dramatically upskilling the entire SOC and making sophisticated data science accessible to every team member.

Personnel: Abhishek Agrawal
