Protect it all with Microsoft Security
Eliminate gaps and get the simplified, comprehensive protection, expertise, and AI-powered solutions you need to innovate and grow in a changing world. The Microsoft Security Community is your gateway to connect, learn, and collaborate with peers, experts, and product teams. Gain access to technical discussions, webinars, and help shape Microsoft’s security products.
Get there fast
- To stay up to date on upcoming opportunities and the latest Microsoft Security Community news, make sure to subscribe to our email list.
- Find the latest skilling content and on-demand videos – subscribe to the Microsoft Security Community YouTube channel.
- Catch the latest announcements and connect with us on LinkedIn – Microsoft Security Community and Microsoft Entra Community.
Index
Community Calls: January 2026 | February 2026 | March 2026
Upcoming Community Calls
January 2026
RESCHEDULED for Jan. 27 | 9:00am | Microsoft Sentinel | AI-Powered Entity Analysis in Sentinel’s MCP Server
Simplify entity risk assessment with Entity Analyzer. Eliminate complex playbooks; get unified, AI-driven analysis using Sentinel’s semantic understanding. Accelerate automation and enrich SOAR workflows with native Logic Apps integration.
Jan. 28 | 8:00am | Security Copilot Skilling Series | Security Copilot in Purview Technical Deep Dive
Discover how AI-powered alert triage agents for Data Loss Prevention (DLP) and Insider Risk Management (IRM) are transforming incident response and compliance workflows. Explore new Data Security Posture Management (DSPM) capabilities that deliver deeper insights and automation to strengthen your security posture. This session will showcase real-world scenarios and actionable strategies to help you protect sensitive data and simplify compliance.
February 2026
Feb. 2 | 9:00am | Microsoft Sentinel | Accelerate your SIEM migration to Microsoft Sentinel
Join us for an insightful webinar to discover how Microsoft Sentinel simplifies SIEM migration and enables true SOC transformation. Experience the new AI-powered SIEM migration tool that goes beyond syntax conversion—delivering advanced correlation, actionable insights, and accurate intent-based mapping for improved detection coverage and continuous optimization.
Feb 4. | 8:00am | 425 Show | Introducing the Identity Risk Management Agent for Entra ID Protection
Discover how the Identity Risk Management Agent for Microsoft Entra ID Protection simplifies identity defense. Learn how it analyzes risk signals, surfaces risky users, and enables one-click remediation to help teams stay ahead of identity-based threats.
Feb. 5 | 8:00am | Security Copilot Skilling Series | Identity Risk Management Agent in Microsoft Entra
Learn how the Identity Risk Management Agent in Microsoft Entra, powered by Security Copilot, detects risky users, explains risk reasons, and delivers guided remediation at scale with natural‑language investigations and adaptive learning.
Feb. 10 | 8:00am | Microsoft Security Store | From Alert to Resolution: Using Security Agents to Power Real‑World SOC Workflows
In this webinar, we’ll show how SOC analysts can harness security agents from Microsoft Security Store to strengthen every stage of the incident lifecycle. Through realistic SOC workflows based on everyday analyst tasks, we will follow each scenario end to end, beginning with the initial alert and moving through triage, investigation, and remediation. Along the way, we’ll demonstrate how agents in Security Store streamline signal correlation, reduce manual investigation steps, and accelerate decision‑making when dealing with three of the most common incident types: phishing attacks, credential compromise, and business email compromise (BEC), helping analysts work faster and more confidently by automating key tasks, surfacing relevant insights, and improving consistency in response actions.
Feb. 11 | 8:00am | Microsoft Sentinel graph | Unlocking Graph-based Security and Analysis
Join us in this session where we will dive into the Microsoft Hunting graph and blast radius experiences, going deeper into the details of the new custom graph capabilities, why they matter, and some of their use cases. We will also cover the differences between ephemeral and materialized custom graphs and how to create each through Visual Studio Code and notebooks.
Feb. 12 | 8:00am | Microsoft Purview | Data Security Investigations (DSI)
Introducing Microsoft Purview Data Security Investigations (DSI)
- Identify: Efficiently search your Microsoft 365 data estate to locate incident-relevant documents, emails, Copilot prompts and responses, and Teams messages
- Investigate: Use AI-powered deep content analysis enriched with activity insights to find key sensitive data and security risks within impacted data quickly.
- Mitigate: Collaborate with partner teams securely to mitigate identified risks and use investigation learnings to strengthen security practices.
Launch DSI from its home page, Microsoft Defender XDR, Microsoft Purview Insider Risk Management, or Microsoft Purview Data Security Posture Management.
Feb. 17 | 8:00am | Microsoft Sentinel | Introducing the UEBA Behaviors Layer in Microsoft Sentinel
Join us as we explore the new UEBA Behaviors layer in Microsoft Sentinel. See how AI-powered behaviors turn raw telemetry into clear, human-readable security insights, and hear directly from the product team on use cases, coverage, and what’s coming next.
Feb. 19 | 8:00am | Security Copilot Skilling Series | Agents That Actually Work: From an MVP
Microsoft MVP Ugur Koc will share a real-world workflow for building agents in Security Copilot, showing how to move from an initial idea to a consistently performing agent. The session highlights how to iterate on objectives, tighten instructions, select the right tools, and diagnose where agents break or drift from expected behavior. Attendees will see practical testing and validation techniques, including how to review agent decisions and fine-tune based on evidence rather than intuition to help determine whether an agent is production ready.
Feb. 23 | 8:00am | Microsoft Defender for Identity | Identity Control Plane Under Attack: Consent Abuse and Hybrid Sync Risks
A new wave of identity attacks abuses legitimate authentication flows, allowing attackers to gain access without stealing passwords or breaking MFA. In this session, we’ll break down how attackers trick users into approving malicious apps, how this leads to silent account takeover, and why traditional phishing defenses often miss it.
Feb. 26 | 9:00am | Azure Network Security | Azure Firewall Integration with Microsoft Sentinel
Learn how Azure Firewall integrates with Microsoft Sentinel to enhance threat visibility and streamline security investigations. This webinar will demonstrate how firewall logs and insights can be ingested into Sentinel to correlate network activity with broader security signals, enabling faster detection, deeper context, and more effective incident response.
March 2026
Mar. 5 | 8:00am | Security Copilot Skilling Series | Conditional Access Optimization Agent: What It Is & Why It Matters
Get a clear, practical look at the Conditional Access Optimization Agent—how it automates policy upkeep, simplifies operations, and uses new post‑Ignite updates like Agent Identity and dashboards to deliver smarter, standards‑aligned recommendations.
Looking for more?
Join the Microsoft Customer Connection Program (MCCP)! As a MCCP member, you’ll gain early visibility into product roadmaps, participate in focus groups, and access private preview features before public release. You’ll have a direct channel to share feedback with engineering teams, influencing the direction of Microsoft Security products. The program also offers opportunities to collaborate and network with fellow security experts and Microsoft product teams. Join the MCCP that best fits your interests: www.aka.ms/joincommunity.
Microsoft
