So what is Azure Sentinel? Azure Sentinel is a cloud-native SIEM, or Security Information and Event Management service, that runs in Azure. It basically means that we can start by having a number of data connectors that send our data into Sentinel. It's built on top of Azure Log Analytics workspaces for querying that data in a familiar way that you may be familiar with if you already use Log Analytics.

But ultimately, we can get that data, we can start doing a number of things with it, we can start hunting through that data as a threat hunter or SOC analyst to start to look for anomalies or bad actors within our environment. We can also have scheduled queries that run over that data to look for known bad activities and send us alerts when things such as brute force or particular CVEs arise. We can also then do security orchestration, automation and response by linking that into Logic Apps and having automated response to some of these security alerts. And then finally, what it helps us do is manage the whole incident process. We can have an incident management pane within Azure Sentinel to manage all of the alerts, assign them to people to look into and investigate and ultimately mark them as resolved or common, et cetera.

So really what it gives you is the ability to have that SIEM feature running within the cloud without having to manage any infrastructure and get it set up. You simply just create a workspace, start putting the connectors in and leverage some of the already existing queries or create your own to start analysing and looking through your security event data.