Last updated: January 2024
Microsoft Defender XDR is an integrated, cross-domain threat detection and response solution. It provides organizations with the ability to prevent, detect, investigate and remediate sophisticated cross-domain attacks within their Microsoft 365 environments.
Note: Microsoft 365 Defender was renamed to Microsoft Defender XDR - most videos still refer to the old product name.
To help you get started with Microsoft Defender XDR and take advantage of its capabilities, we’ve compiled a series of short videos. These walk through the key product features and show you how to apply them to your business today.
Please share your feedback or ask questions in the comments section below; let us know what other videos and topics you would like to see.
| Video | Description |
| --- | --- |
| Overview | Watch an all-up overview of Microsoft 365 Defender and learn about its capabilities. |
| Getting started | Check out how you can get started quickly and start benefiting from its capabilities. |
| Unified portal | This video shows you the improved and enhanced Microsoft 365 security center. |
| Unified RBAC | In this video, learn how to import and create custom roles, assign those roles to users and groups, and activate unified RBAC for specific workloads. |
| Guided hunting | This video shows how to use advanced hunting without Kusto query language or schema knowledge. |
| Attack story | Learn how to use attack story as a starting point for quickly understanding an incident’s who, what, when, and where. |
| Microsoft Sentinel integration | This video describes how you can stream all Microsoft 365 Defender incidents into Microsoft Sentinel and keep them synchronized. |

| Video | Description |
| --- | --- |
| Incident | Learn how alerts are correlated into incidents and how to work with them. |
| Advanced hunting | Get started with advanced hunting to hunt for threats across your Microsoft 365 Defender data. |
| Secure Score | This video explains how the Secure Score can help you protect your organization. |
| KQL Basics | Learn the basics of KQL, the language used for advanced hunting. |
| Unpacking JSON in KQL | This video demonstrates how to unpack JSON strings by using the Kusto Query Language. |
| Optimizing KQL | This video demonstrates ways you can optimize Kusto Query Language. |
| Joining tables in KQL | This video demonstrates joining tables by using Kusto Query Language. |
| Hunting linked downloads | Learn how to use advanced hunting to find URL clicks that download files. |
| Unified submissions | Check out the new, unified submissions experience in the Microsoft 365 Defender portal. |
| Streaming API | Learn how you can set up the streaming API to ship event information directly to Azure Event Hubs or to Azure Storage. |
| Microsoft 365 Defender and Power Automate | Learn how you can use Power Automate to automate your workflows. |
| Defender for Cloud Apps in the Defender portal | Get more things done in one place! Defender for Cloud Apps portal is located in the Microsoft 365 Defender portal. Watch how this unification can help maximize efficiency in your environment. |
| Automated self-healing | This video helps you better understand how Microsoft 365 Defender automates remediation actions. |
| Submit feedback | We are listening! See how easy it is to share your feedback with us. |
| Security center for Microsoft Defender for Office 365 customers | See the improved and new features you get when you start using the Microsoft 365 Defender portal - at no cost. |
| Security center for Microsoft Defender for Identity customers | This video shows improved and new features you get when you move to the Microsoft 365 Defender portal - at no cost! |
| Classification | See how quickly you can classify your incidents & alerts. |
| Threat Analytics | With threat analytics you can track and respond to emerging threats. |