Blog Post

Microsoft Defender for Cloud Blog
11 MIN READ

Become a Microsoft Defender for Cloud Ninja

YuriDiogenes's avatar
YuriDiogenes
Icon for Microsoft rankMicrosoft
Aug 25, 2020

[Last update: 09/13/2024]

 

This blog post has a curation of many Microsoft Defender for Cloud (formerly known as Azure Security Center and Azure Defender) resources, organized in a format that can help you to go from absolutely no knowledge in Microsoft Defender for Cloud, to design and implement different scenarios. You can use this blog post as a training roadmap to learn more about Microsoft Defender for Cloud. On November 2nd, at Microsoft Ignite 2021, Microsoft announced the rebrand of Azure Security Center and Azure Defender for Microsoft Defender for Cloud. To learn more about this change, read this article.

 

Every month we are adding new updates to this article, and you can track it by checking the red date besides the topic. If you already study all the modules and you are ready for the knowledge check, follow the procedures below:

 

To obtain the Defender for Cloud Ninja Certificate

1. Take this knowledge check here, where you will find questions about different areas and plans available in Defender for Cloud.

2. If you score 80% or more in the knowledge check, request your participation certificate here. If you achieved less than 80%, please review the questions that you got it wrong, study more and take the assessment again.

Note: it can take up to 24 hours for you to receive your certificate via email.

 

To obtain the Defender for Servers Ninja Certificate (Introduced in 08/2023)

1. Take this knowledge check here, where you will find only questions related to Defender for Servers.

2. If you score 80% or more in the knowledge check, request your participation certificate here. If you achieved less than 80%, please review the questions that you got it wrong, study more and take the assessment again.

Note: it can take up to 24 hours for you to receive your certificate via email.

 

Modules

To become an Microsoft Defender for Cloud Ninja, you will need to complete each module. The content of each module will vary, refer to the legend to understand the type of content before clicking in the topic’s hyperlink. The table below summarizes the content of each module:

 

Module

Description

0 - CNAPP

In this module you will familiarize yourself with the concepts of CNAPP and how to plan Defender for Cloud deployment as a CNAPP solution.

1 – Introducing Microsoft Defender for Cloud and Microsoft Defender Cloud plans

In this module you will familiarize yourself with Microsoft Defender for Cloud and understand the use case scenarios. You will also learn about Microsoft Defender for Cloud and Microsoft Defender Cloud plans pricing and overall architecture data flow.

2 – Planning Microsoft Defender for Cloud

In this module you will learn the main considerations to correctly plan Microsoft Defender for Cloud deployment. From supported platforms to best practices implementation.

3 – Enhance your Cloud Security Posture

In this module you will learn how to leverage Cloud Security Posture management capabilities, such as Secure Score and Attack Path to continuous improvement of your cloud security posture. This module includes automation samples that can be used to facilitate secure score adoption and operations.

4 – Cloud Security Posture Management Capabilities in Microsoft Defender for Cloud

In this module you will learn how to use the cloud security posture management capabilities available in Microsoft Defender for Cloud, which includes vulnerability assessment, inventory, workflow automation and custom dashboards with workbooks.

5 – Regulatory Compliance Capabilities in Microsoft Defender for Cloud

In this module you will learn about the regulatory compliance dashboard in Microsoft Defender for Cloud and give you insights on how to include additional standards. In this module you will also familiarize yourself with Azure Blueprints for regulatory standards.

6 – Cloud Workload Protection Platform Capabilities in Azure Defender

In this module you will learn how the advanced cloud capabilities in Microsoft Defender for Cloud work, which includes JIT, File Integrity Monitoring and Adaptive Application Control.  This module also covers how threat protection works in Microsoft Defender for Cloud, the different categories of detections, and how to simulate alerts.

7 – Streaming Alerts and Recommendations to a SIEM Solution

In this module you will learn how to use native Microsoft Defender for Cloud capabilities to stream recommendations and alerts to different platforms. You will also learn more about Azure Sentinel native connectivity with Microsoft Defender for Cloud. Lastly, you will learn how to leverage Graph Security API to stream alerts from Microsoft Defender for Cloud to Splunk.

8 – Integrations and APIs

In this module you will learn about the different integration capabilities in Microsoft Defender for Cloud, how to connect Tenable to Microsoft Defender for Cloud, and how other supported solutions can be integrated with Microsoft Defender for Cloud.

9 -  DevOps Security

In this module you will learn more about DevOps Security capabilities in Defender for Cloud. You will be able to follow the interactive guide to understand the core capabilities and how to navigate through the product. 

10 - Defender for APIs

In this module you will learn more about the new plan announced at RSA 2023. You will be able to follow the steps to onboard the plan and validate the threat detection capability. 

11 - AI Posture Management and Workload Protection

In this module you will learn more about the risks of Gen AI and how Defender for Cloud can help improve your AI posture management and detect threats against your Gen AI apps.  

 

Legend

Product videos

Webcast recordings

Tech Community

Docs on Microsoft

Blogs on Microsoft

GitHub

External

Interactive guides

 

 

Module 0 - Cloud Native Application Protection Platform (CNAPP) 

Module 1 - Introducing Microsoft Defender for Cloud  

Module 2 – Planning Microsoft Defender for Cloud 

Module 3 – Enhance your Cloud Security Posture 

Module 4 – Cloud Security Posture Management Capabilities in Microsoft Defender for Cloud

Module 5 – Regulatory Compliance Capabilities in Microsoft Defender for Cloud

Module 6 – Cloud Workload Protection Platform Capabilities in Microsoft Defender for Clouds

Module 7 – Streaming Alerts and Recommendations to a SIEM Solution

Module 8 – Integrations and APIs

Module 9 – DevOps Security

Module 10 – Defender for APIs

Module 11 – AI Posture Management and Workload Protection 

 

 

Are you ready to take your knowledge check? If so, click here. If you score 80% or more in the knowledge check, request your participation certificate here. If you achieved less than 80%, please review the questions that you got it wrong, study more and take the assessment again.

Note: it can take up to 24 hours for you to receive your certificate via email.

 

Other Resources

 

Have a great time ramping up in Microsoft Defender for Cloud and becoming a Microsoft Defender for Cloud Ninja!! 

 

 

Reviewer:

  • Tom Janetscheck, Senior PM
Updated Sep 13, 2024
Version 73.0