  • Instructor Luke Duffy
  • Duration 3 hours
  • Lessons 3
  • Enrolled 1255 students
  • Language English
  • Video Subtitle English
  • Access 3 Months
  • Quizzes Yes
  • Certificate Yes


Hi! Welcome to Microsoft Defender Training

In this instructor-led demonstration session, we will show you how to investigate, respond to, and hunt for threats using Azure Defender and Microsoft 365 Defender. In this course you will learn how to mitigate cyberthreats using these technologies.


Lessons

  • Mitigate threats using Microsoft Defender - Analyze threat data across domains and rapidly remediate threats with built-in orchestration and automation in Microsoft 365 Defender. Learn about cybersecurity threats and how the new threat protection tools from Microsoft protect your organization’s users, devices, and data. Use the advanced detection and remediation of identity-based threats to protect your Azure Active Directory identities and applications from compromise.
  • Mitigate threats using Microsoft 365 Defender for Endpoint - Implement the Microsoft Defender for Endpoint platform to detect, investigate, and respond to advanced threats. Learn how Microsoft Defender for Endpoint can help your organization stay secure. Learn how to deploy the Microsoft Defender for Endpoint environment, including onboarding devices and configuring security. Learn how to investigate incidents and alerts using Microsoft Defender for Endpoint. Perform advanced hunting and consult with threat experts. You will also learn how to configure automation in Microsoft Defender for Endpoint by managing environmental settings. Lastly, you will learn about your environment's weaknesses by using Threat and Vulnerability Management in Microsoft Defender for Endpoint.
  • Mitigate threats using Microsoft Defender for Cloud - Use Microsoft Defender for Cloud for Azure, hybrid cloud, and on-premises workload protection and security. Learn the purpose of Microsoft Defender for Cloud and how to enable it. You will also learn about the protections and detections provided by Microsoft Defender for Cloud for each cloud workload. Learn how you can add Microsoft Defender for Cloud capabilities to your hybrid environment.

What you'll learn

  • Mitigate incidents using Microsoft 365 Defender
  • Perform device investigations
  • Remediate risks with Microsoft Defender for Office 365
  • Configure and manage automation
  • Microsoft Defender for Identity
  • Configure for alerts and detections
  • Manage insider risk in Microsoft 365
  • Workload protections in Microsoft Defender for Cloud
  • Protect against threats with Microsoft Defender for Endpoint
  • Connect Azure assets to Microsoft Defender for Cloud 


Prerequisites

  • Basic understanding of Microsoft 365
  • Fundamental understanding of Microsoft security, compliance, and identity products
  • Intermediate understanding of Windows 10
  • Familiarity with Azure services, specifically Azure SQL Database and Azure Storage
  • Familiarity with Azure virtual machines and virtual networking
  • Basic understanding of scripting concepts

Who this course is for:

The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders. Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft 365 Defender, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies.