Explore digital courses

Connect Azure assets to Microsoft Defender for Cloud

Units in this learning path:

• Introduction
• Explore Manage Your Resources with Asset Inventory
• Configure Auto Provisioning
• Manual Azure Monitor Agent Provisioning
• Knowledge Check
• Summary Resources

Products: Azure, Defender For Cloud

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Cloud Security, Threat Protection, Asset Management, Inventory Management

Duration: 35 minutes

Connect Common Event Format logs to Microsoft Sentinel

Units in this learning path:

• Introduction
• Plan for Connector
• Connect Your External Solution Use Connector
• Knowledge Check
• Summary Resources

Products: Azure, Microsoft Sentinel, Azure Log Analytics

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Security, Cloud Security, Threat Protection

Duration: 20 minutes

Connect Microsoft Defender XDR to Microsoft Sentinel

Units in this learning path:

• Introduction
• Plan for Microsoft 365 Defender Connectors
• 365 Defender Connector
• Connect Microsoft Defender Cloud Connector
• Connect Microsoft Defender Iot
• Connect Microsoft Defender Legacy Connectors
• Knowledge Check
• Summary Resources

Products: Azure, Microsoft Sentinel, Defender For Cloud, Defender For Iot, Defender Xdr

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Threat Protection, Cloud Security

Duration: 29 minutes

Connect Microsoft services to Microsoft Sentinel

Units in this learning path:

• Introduction
• Plan for Connectors
• Connect Office 365 Connector
• Connect Azure Active Directory Connector
• Connect Azure Active Directory Identity Protection Connector
• Connect Azure Activity Connector
• Knowledge Check
• Summary Resources

Products: Azure, Microsoft Sentinel, Entra Id, Defender Xdr

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Cloud Security

Duration: 26 minutes

Connect Windows hosts to Microsoft Sentinel

Units in this learning path:

• Introduction
• Plan for Security Events Connector
• Configure Data Collection Rules
• Connect Windows Hosts
• Collect Sysmon Event Logs
• Knowledge Check
• Summary Resources

Products: Azure, Microsoft Sentinel, Windows Security, Sysinternals, Azure Policy

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Threat Protection

Duration: 26 minutes

Connect data to Microsoft Sentinel using data connectors

Units in this learning path:

• Introduction
• Ingest Log Data
• Understand Data Connector Providers
• View Connected Hosts
• Knowledge Check
• Summary Resources

Products: Azure, Microsoft Defender, Microsoft Sentinel, Azure Log Analytics

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Threat Protection

Duration: 22 minutes

Connect on-premises servers, AWS accounts, and GCP projects to Microsoft Defender for Cloud to extend unified security coverage across a hybrid and multicloud estate. Learn how federated authentication secures connector access, plan connector strategy, and configure native connectors for AWS and GCP.

Units in this learning path:

• Introduction
• Explore Multicloud Connectivity Model
• Plan Connector Strategy
• Connect on Premises Azure Arc
• Connect Amazon Accounts
• Connect Google Projects
• Verify Multicloud Coverage
• Knowledge Check
• Summary

Products: Defender For Cloud, Azure

Roles: Security Engineer

Level: Intermediate

Subjects: Security, Cloud Security

Duration: 52 minutes

Connect logs to Microsoft Sentinel

Modules in this learning path:

• Connect Data to Azure Sentinel with Data Connectors
• Connect Microsoft Services to Azure Sentinel
• Connect Microsoft Defender 365 to Azure Sentinel
• Connect Windows Hosts to Azure Sentinel
• Connect Common Event Format Cef Logs to Azure Sentinel
• Connect Syslog Data Sources to Azure Sentinel
• Connect Threat Indicators to Azure Sentinel

Products: Azure, Azure Log Analytics, Microsoft Sentinel

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Cloud Security

Duration: 184 minutes

Connect non-Azure resources to Microsoft Defender for Cloud

Units in this learning path:

• Introduction
• Protect Resources
• Azure Resources
• Connect Your Aws Accounts
• Connect Your Gcp Accounts
• Knowledge Check
• Summary Resources

Products: Azure, Azure Arc, Defender For Cloud

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Cloud Security

Duration: 44 minutes

Connect syslog data sources to Microsoft Sentinel

Units in this learning path:

• Introduction
• Plan for Syslog Connector
• Collect Data from Linux Based Sources Using Syslog
• Configure Log Analytics Agent
• Parse Syslog Data
• Knowledge Check
• Summary Resources

Products: Azure, Microsoft Sentinel, Azure Log Analytics, Azure Monitor

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Threat Protection

Duration: 28 minutes

Connect threat indicators to Microsoft Sentinel

Units in this learning path:

• Introduction
• Plan for Threat Intelligence Connectors
• Defender Threat Intelligence Connector
• Intelligence Taxii Connector
• Intelligence Upload API Connector
• View Your Threat Indicators
• Knowledge Check
• Summary Resources

Products: Microsoft Defender, Microsoft Sentinel, Defender For Threat Intelligence

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Security, Cloud Security, Threat Protection

Duration: 33 minutes

Construct KQL statements for Microsoft Sentinel

Units in this learning path:

• Introduction
• Understand Kql Statement Structure
• Use Search Operator
• Use Where Operator
• Use Let Statement
• Use Extend Operator
• Use Order by Operator
• Use Project Operators
• Knowledge Check
• Summary Resources

Products: Defender Xdr, Azure Data Explorer, Azure Log Analytics, Microsoft Sentinel

Roles: Security Operations Analyst

Level: Intermediate

Subjects: Threat Protection

Duration: 36 minutes