Defend against cyberthreats with Microsoft’s security operations platform is a Microsoft Learn-based course that explores how to use Microsoft Sentinel and Microsoft Defender XDR as an integrated security operations platform. Students learn how to correlate signals across the two platforms, investigate unified incidents, use automation to accelerate response, and build a comprehensive security operations practice using Microsoft’s cloud-native tooling.
What You Will Learn
- Understand how Microsoft Sentinel and Microsoft Defender XDR integrate as a unified SecOps platform
- Investigate incidents that include correlated signals from both Sentinel and Defender XDR
- Use Microsoft Security Copilot to accelerate investigation and summarize threat context
- Configure automation rules and playbooks across Sentinel and Defender XDR for coordinated response
- Apply threat intelligence from Microsoft Defender Threat Intelligence within investigations
Who Should Attend
SOC analysts and security engineers who work across both Microsoft Sentinel and Defender XDR and want to use them as an integrated security operations platform.
Prerequisites
Working experience with Microsoft Sentinel and/or Microsoft Defender XDR. Security operations background is required.
