Interactive Training Platform

Microsoft Defender

Security Operations & Threat Detection for the Modern SOC

8 Modules
28 Lessons
11 Hours
Start Learning
M

Your Trainer: Maheshwar

Infrastructure & Cloud Administrator (HCLTech)

Microsoft Security Operations & Threat Detection Expert

Connect on LinkedIn

What You'll Learn

Understand the Microsoft Defender security product family and XDR architecture
Investigate and respond to incidents using Microsoft Defender XDR portal
Configure and manage Microsoft Defender for Endpoint protection
Detect and respond to email and collaboration threats with Defender for Office 365
Monitor identity-based attacks using Defender for Identity
Protect cloud workloads with Microsoft Defender for Cloud
Build SIEM solutions with Microsoft Sentinel including KQL queries
Perform proactive threat hunting and leverage Security Copilot

Prerequisites

Basic understanding of Microsoft 365 and Azure servicesFamiliarity with security concepts and threat landscapesUnderstanding of networking fundamentals (TCP/IP, DNS, HTTP)Basic experience with Windows Server and Active Directory

Course Modules

Module 1

Introduction to Microsoft Defender

Understanding Microsoft's security ecosystem, SOC fundamentals, and the Defender product family

4 Lessons
Module 2

Microsoft Defender XDR

Managing the unified security operations portal, incidents, alerts, and automated investigation

4 Lessons
Module 3

Microsoft Defender for Endpoint

Endpoint detection and response, attack surface reduction, and device security management

4 Lessons
Module 4

Defender for Office 365

Email security, anti-phishing, safe attachments, safe links, and collaboration protection

3 Lessons
Module 5

Defender for Identity

Active Directory threat detection, lateral movement analysis, and identity security posture

3 Lessons
Module 6

Defender for Cloud

Cloud security posture management, workload protection, and multi-cloud defense

3 Lessons
Module 7

Microsoft Sentinel

Cloud-native SIEM: data connectors, analytics rules, workbooks, playbooks, and automation

4 Lessons
Module 8

Threat Hunting & Security Copilot

Proactive threat hunting, threat intelligence, and AI-assisted security operations

3 Lessons

Prepare for SC-200 Certification

This training aligns with the Microsoft SC-200 Security Operations Analyst certification exam. Master threat detection, incident response, and security operations to pass with confidence.

Begin Your Journey