Cloud Security with Microsoft Defender XDR

Cloud Security Overview

Security matters. Every company is faced with several kinds of attacks and must implement different tools to protect themselves.

• Threat Landscape
• Common Threats and Attack Types
• The Defender’s Dilemma
• Zero Trust Model
• Identity and Access Management
• Threat Protection
• Security Management
• Information Protection
• LAB: Cloud Security Overview

Microsoft Entra: Securing Your Cloud Identities

The first thing you should protect are your identities. Especially in a cloud infrastructure, this should be your number one priority.
Microsoft Entra ID provides a lot of security related features to control access to your environment.

• Multi-Factor Authentication
• Privileged Identity Management
• Identity Protection
• Conditional Access
• LAB: Securing Your Identities

Microsoft Defender for Identity

If your identities are hosted on-premises, Microsoft Defender for Identity can provide protection for your Active Directory accounts.

• Microsoft Defender for Identity Features
• Configuring Defender for Identity
• Protecting Your Accounts
• Identify Threats: Reconnaissance and Lateral Movement
• Detect Pass-the-Hash and Pass-the-Ticket Attacks
• LAB: Microsoft Defender for Identity

Microsoft Defender for Office 365

Safeguard your organization against malicious threats from email messages, links and collaboration tools. Implement policies to detect malware, spam and phishing mails.
Define what action to take when malicious content is detected.

• Protect Against Malware, Spam, Phishing, Spoofing
• Email Authentication: SPF, DKIM and DMARC
• Attack Simulator
• Safe Attachments and Safe Links
• Threat Protection for Collaboration: SharePoint, OneDrive and Teams
• LAB: Microsoft Defender for Office 365

Microsoft Defender for Endpoint

Devices can get compromised because of missing updates or vulnerabilities in applications. Microsoft Defender for Endpoint provides you with an inventory and gives you
recommendations to make your environment more secure. This service also detects suspicious activities and alerts you about possible attacks.

• Protect Your Devices
• Onboarding Devices
• Threat and Vulnerability Management
• Endpoint Detection and Response
• Device Investigations
• Automated Investigation and Remediation
• LAB: Microsoft Defender for Endpoint

Microsoft Defender for Cloud Apps

In this cloud-based world, it can become difficult to find the right balance between flexibility for your users and protecting your critical data.
Microsoft Defender for Cloud Apps acts as a gatekeeper to broker access between your users and the cloud apps they use. At the same time, it can safeguard your sensitive information.

• Cloud Discovery
• App Connectors
• Control Access to Apps with Policies
• Conditional Access App Control
• Protect Sensitive Information
• LAB: Microsoft Defender for Cloud Apps

Detect and Stop attacks with Microsoft Defender XDR

So many different tools that collect so much data. You may be flooded with information. Microsoft Defender XDR brings it all together. It gives you better insights
in attacks by showing you the devices, identities and apps that were involved. You can hunt for threats and be proactive, making sure the attacker doesn’t stand a chance.

• Microsoft Defender XDR
• Protect Your Environment
• Security Recommendations and Secure Score
• Attack Investigation
• Threat Hunting
• LAB: Microsoft Defender XDR

Microsoft Security Copilot

Investigating an attack or writing the ideal Kusto query can be difficult. Microsoft Security Copilot will make your life easier by helping you with the analysis of suspicious scripts,
generating a Kusto query or writing a report once an incident has been handled.

• Investigate Incidents with Copilot
• Analyze Suspicious Scripts
• Hunt Like a Pro
• Copilot Plugins

Information Governance and Protection

Microsoft 365 is designed to help meet your organization’s needs for content security and data usage compliance with legal, regulatory, and technical standards.

You must be able to protect your sensitive data by implementing rules and conditions to control access and secure files and services. You should be able to define how long data is kept and when it must be deleted.

• Microsoft Purview Portal
• Sensitive Information Types
• Trainable Classifiers
• Sensitivity Labels
• Data Loss Prevention
• Retention Labels and Policies
• Communication Compliance
• LAB: Information Governance and Protection

Information Insights and Discovery

Find out what is going on in your organization by checking Audit logs and running eDiscovery searches.

Compare your configuration with a predefined set of policies and get recommendations on how to improve your compliance score.
Manage insider risks and control data privacy.

• eDiscovery
• Auditing and Alert Policies
• Compliance Manager
• Data Classification
• Insider Risk Management
• Privacy Management
• LAB: Information Insights and Discovery