The combination of Microsoft Defender and Sentinel helps SecOps teams detect, investigate, respond to, and defend against threats with a fully integrated and comprehensive set of capabilities. Today we’re sharing some new training resources and opportunities to help you build skills with these solutions—so you can use them now or get ready for a Microsoft certification exam.
New Microsoft training guide for SIEM and XDR
This lightweight guide quickly walks you through business needs related to extended threat detection and response (XDR) and security information and event management (SIEM). It helps you make the most of Microsoft security solutions by pointing you to specific training and technical documentation so you can:
- Protect endpoints from ransomware with Microsoft Defender for Endpoint
- Secure collaboration and prevent phishing with Microsoft 365 Defender and Defender for Office
- Optimize the Security Operations Center with Microsoft Sentinel
Review the Microsoft training guide for SIEM and XDR to find training resources that will help you address your business needs with Microsoft Security solutions.
Learn Microsoft Sentinel through a free Connected Learning Experience
The Microsoft Azure Connected Learning Experience (CLX) program is designed to help you study smarter, not harder, with a free personalized learning journey to help you become an Azure expert. After registering, you can complete one or more tracks, including MS-Sentinel: Mitigate threats using Microsoft Sentinel in Azure.
Each track follows four steps:
- Take a 30-minute knowledge assessment to determine which study resources will help you the most.
- Study the recommended Microsoft Learn training and documentation materials at your own pace.
- Sign up for an instructor-led cram session for in-depth, hands-on live learning.
- Take a practice test to evaluate your knowledge and readiness for a certification exam.
The cram session for the MS-Sentinel track takes place worldwide in May and June and is for anyone wanting to learn how to use Sentinel to identify, investigate, and respond to threats in real time. Although it is not an entire certification course, it can help you prepare for part of the SC-200 exam. At this session, you will learn how to:
- Design and configure a Sentinel workspace
- Plan and implement the use of data connectors for ingesting data sources into Sentinel
- Manage Sentinel analytics rules
- Perform data classification and normalization
- Configure Security Orchestration Automated Response (SOAR) in Sentinel
- Manage Sentinel incidents
- Use Sentinel workbooks to analyze and interpret data
- Hunt for threats using Sentinel
- Manage threats using entity behavior analytics
Register for the Microsoft Azure Connected Learning Experience and sign up for the MS-Sentinel cram session today.