Microsoft 365 Defender Academy
Welcome to the Microsoft 365 Defender Academy. Explore Microsoft 365 Defender video sessions delivered directly to partners, detailed learning paths, certifications, and further resources.
Sessions
Learn how your security teams can leverage a single unified experience with the newly converged XDR portal. Microsoft 365 Defender is the single place for your investigation, remediation, and hunting activities.
Explore the latest improvements to advanced hunting, how to import an external data source into your query, and how to use partitioning to segment large query results into smaller result sets to avoid hitting API limits.
The daily challenges of securing your organization with limited resources can leave your security team unable to proactively defend against potential threats. Learn how Microsoft Defender Experts for Hunting can augment your team to help you hunt, investigate, analyze, and remediate high-impact threats and improve your SOC response.
Explore what tracking an attacker's email infrastructure tells us about persistent cybercriminal operations.
Learn how Application Guard for Office protects you against malware, the requirements for Application Guard for Office, and how you can deploy and configure it for your organization.
Explore Defender for Identity's remediation actions that target on-premises accounts.
Gain a peek behind the curtain and see how Microsoft's research teams deal with newly disclosed identity vulnerabilities, and how that information is turned into an alert in Defender for Identity.
The majority of organizations still use Active Directory as a part of their identity infrastructure. As well as helping to protect against advanced attacks targeting your on-premises identities, Microsoft Defender for Identity provides a host of assessments used to highlight legacy misconfigurations and instances where the best practice may not be in place. Learn about these assessments and why they’re essential, mainly based on recent global security events.
In this session, learn about Microsoft Defender for Identity's settings and features located within the Microsoft 365 Security Center. Explore administration and on-boarding settings, Defender for Identity alerts, setting up alert exclusions, and the user investigation page.
Discover how Microsoft detects a Kerborasting attack, ZeroLogon exploitation, and AS-Rep roasting. This session provides an in-depth explanation of what the detection looks for, why it’s essential, and how Defender for Identity can help keep your environment safe.
Microsoft Security teams disrupted an infrastructure that leveraged Identity Provider and SaaS Email applications to abuse business brands and spread fraud to millions. Learn how to protect Azure AD and Exchange Online using Microsoft Defender for Cloud Apps.
Native integration of the Microsoft Defender for Cloud Apps experience within Microsoft 365 Defender streamlines the process of investigating and mitigating threats to your users, apps, and data. Security admins will be enabled to complete suite and workload-specific tasks in a single portal.
Learn about the app governance add-on to Microsoft Defender for Cloud Apps, a key component of customers' Zero Trust journey. Examine how app governance supports managing to least privilege (including identifying unused permissions), provides threat detections, and gives insights on risky app behaviors.
In the current evolution of SaaS apps, there are countless different SaaS configurations and posture options. Misconfigurations are a risk for your organization that can lead to a breach or sensitive data leakage. Learn how to easily manage your SaaS Security Posture with Microsoft and prevent potential risk.
Learn how to protect your data and detect threats in your Salesforce environment in under thirty minutes using Microsoft Cloud App Security.
Learn how to protect your GitHub environment in under thirty minutes using Microsoft Cloud App Security.
Worried about the safety of your corporate Box environment and the data that it hosts? Microsoft Cloud App Security can help you secure your infrastructure and data, with simple configuration steps tailored specifically for Box.
Lacking visibility in your AWS cloud infrastructure? Looking for a way to secure and assess all your cloud providers at once? Learn how to detect threats and identify security risks in your AWS environment with just a few steps.
Learn how to protect your Slack environment in under thirty minutes using Microsoft Cloud App Security.
Keeping Up
- Microsoft Defender for Office 365 Blog - Microsoft Tech Community
- Microsoft Defender for Identity Blog - Microsoft Tech Community
- Microsoft Defender for Cloud Apps Blog - Microsoft Tech Community
Learning Path
See the Microsoft 365 Defender Readiness Resources:
See the Threat Protection Readiness Resources for further upskilling:
See the Information & Data Protection Readiness Resources for further upskilling:
See the Zero Trust Readiness Resources for further upskilling:
Feedback
Have a content session recommendation or general feedback? Here’s how to give it:
- Create a documentation issue in GitHub to begin a conversation.
Contributions
We welcome contributors to this project. Please use the GitHub links near the upper right and consider submitting pull requests or filing issues as needed.