The following courses will guide you to becoming an Microsoft Defender for IoT Ninja.
This training program includes over 28 videos divided into 5 modules. For each session, the post includes a video, and/or a presentation, along with supporting information when relevant: product documentation, blog posts, and additional resources. The modules are organized into the following groups:
Check back often as additional items will be published regularly.
Microsoft Defender for IoT enables IT and OT teams to auto-discover their unmanaged IoT/OT assets, identify critical vulnerabilities, and detect anomalous or unauthorized behavior — without impacting IoT/OT stability or performance.
Microsoft Defender for IoT delivers insights within minutes of being connected to the network, leveraging patented IoT/OT-aware behavioral analytics and machine learning to eliminate the need to configure any rules, signatures, or other static IOCs. To capture the traffic, it uses an on-premises network sensor deployed as a virtual or physical appliance connected to a SPAN port or tap. The sensor implements non-invasive passive monitoring with Network Traffic Analysis (NTA) and Layer 7 Deep Packet Inspection (DPI) to extract detailed IoT/OT information in real-time.
This section provides background information on IoT and OT networks and an overview of the Microsoft Defender for IoT platform.
Learn about the core features of the platform including asset discovery, deployment options, reporting, alert handling, event timeline, risk assessment, attack vector simulations, and data mining and baselining.
This section provides details on the deployment and tuning specifics. Learn about the differences between on-premises-only and cloud-connected options. Walk through the licensing components within the Azure portal.
For cloud-connected options, remote sensors will send logging and analysis data to Azure. Once in the cloud, logging and asset data may be forwarded to Sentinel. All of the tools within Sentinel become available including automation/playbooks, workbooks, threat hunting and analytics, incident handling, notebooks, and more.