Course: Master Class: Microsoft Defender and Microsoft Sentinel for Hybrid Cloud (HYBSEC)

Course Content

Defender for Cloud

  • Overview of Defender for Cloud
  • Prerequisites and implementation
  • Securing Azure workloads
  • Securing on-premises workloads
  • Cloud Security Posture Management overview
  • Use automation to respond to alerts
  • Mastering Azure Policy guest configuration

Defender for Identity

  • Overview of MS Defender for Identity
  • Planning MS Defender for Identity Deployment
    (Architecture, Prerequisites)
  • Implement Defender for Identity
  • Investigate alerts/detections
    • Reconnaissance Alerts
    • Compromised Credential Alerts
    • Lateral Movement Alerts
    • and some more

KQL Primer

  • Basic operators for querying tables and formatting output
  • Working with variables
  • Advanced operators and functions
    • Extending tables
    • Querying and filtering property bags
    • Aggregate records and
    • Create custom functions
  • Working with multiple tables and external data

Microsoft Sentinel

  • Data collectors Implementation
  • Creating Analytic rules
  • Use automation to respond to Incidents
  • Automatically enrich incident information
  • Investigate Incidents
  • Perform threat hunting
  • Create workbooks
  • Investigate with UEBA

Who Should Attend

Administrators with experience of at least 5 years in administering Windows Active Directory Domain Services, Azure Active Directory and Azure resources.

Price: €5.990 excl. VAT
Offered by: Fast Lane
Subject: MCSE Cloud, Cloud Computing
Level:
Duration: 5 days
Language: nl
Product type: course
Format: Classroom
Number of participants: Max: 20
Time: Daytime