Convert a hunting query to an analytical rule
Track query results with bookmarks
Use hunting bookmarks for data investigations
Perform hunting by using notebooks
Develop and manage ASIM parsers
Configure Microsoft Sentinel roles
Query Microsoft Sentinel data by using Advanced SIEM Information Model (ASIM) parsers
Configure and use MSTICPy in notebooks
Identify and remediate security risks using Microsoft Secure Score
Plan a Microsoft Sentinel workspace
Create custom logs in Azure Log Analytics to store custom data
Monitor hunting queries by using Livestream
Manage user data discovered during an investigation
Manage investigation and remediation actions in the Action Center