Demo account to simulate and POC advanced hunting

Occasional Visitor

Good Day,


I'm new in the MS Suite, my company is using the Zero Trust model, therefore I only have the real data instance available upon request, as a result I'd like to familiarize myself in the MS Defender for Endpoint capabilities in UAT kind of environment, please advise.

1 Reply

Hello @Eddy_L2110,


you can go to Microsoft 365 Defender and under Endpoints, Evaluation & tutorials and at Evaluation lab you can build your own test machines and experiment. These test machines raise alerts in your own environment and as such you can go to incidents and alerts to see what has been raised. On the other hand, if you would like to dive deeper, you can use KQL to investigate whatever you want at these test machines.


If I have answered your question, please mark your post as Solved

If you like my response, please consider giving it a like