training
31 TopicsShowcase your skills with this new Security Certification
Introducing the Microsoft Certified: Information Security Administrator Certification Designed specifically for data security and information protection professionals, our new Microsoft Certified: Information Security Administrator Certification validates the skills needed to plan and implement information security for sensitive data by using Microsoft Purview and related services. It also validates the skills needed to mitigate risks from internal and external threats by protecting data inside collaboration environments that are managed by Microsoft 365. Plus, it verifies subject matter expertise needed to participate in information security incident responses. The Microsoft Certified: Information Security Administrator Certification is currently in Beta and will become available in April 2025, and you can earn the Certification by passing Exam SC-401: Administering Information Security in Microsoft 365. While this new Certification’s study material includes learning modules from SC-400, it also includes new modules tailored to data security and information protection skillsets. Understand Microsoft Purview Insider Risk Management Microsoft Purview Insider Risk Management is a compliance solution designed to minimize internal risks by detecting, investigating, and acting on malicious and inadvertent activities within your organization. This training module provides an in-depth understanding of how to identify potential risks using analytics and create policies to manage security and compliance. By the end of this module, you'll be equipped with the knowledge to implement insider risk management effectively, ensuring user-level privacy through pseudonymization and role-based access controls. Prepare for Microsoft Purview Insider Risk Management Preparation is key to successfully implementing any security solution. The "Prepare for Microsoft Purview Insider Risk Management" training module guides you through the strategies for planning and configuring the solution to meet your organizational needs. You'll learn how to collaborate with stakeholders, understand the prerequisites for implementation, and configure settings to align with compliance and privacy requirements. This module is essential for administrators and risk practitioners looking to protect their organization's data and privacy. Create and Manage Insider Risk Management Policies Creating and managing effective policies is crucial for mitigating insider risks. This training module covers the process of developing and implementing insider risk management policies using Microsoft Purview. You'll learn how to define the types of risks to identify, configure risk indicators, and customize event thresholds for policy indicators. The module also provides insights into using templates for quick policy creation and configuring anomaly detections to identify unusual user activities. By mastering these skills, you can ensure that your organization is well-protected against potential internal threats. Identify and Mitigate AI Data Security Risks As artificial intelligence (AI) becomes increasingly integrated into business operations, understanding and mitigating AI-related data security risks is vital. The "Identify and Mitigate AI Data Security Risks" training module offers a comprehensive overview of AI security fundamentals. You'll learn about the types of security controls applicable to AI systems and the security testing procedures that can enhance the security posture of AI environments. This module is perfect for developers, administrators, and security engineers looking to safeguard their AI-driven systems. Retiring the Information Protection and Compliance Administrator Associate Certification We’re retiring the Microsoft Certified: Information Protection and Compliance Administrator Associate Certification and its related Exam SC-400: Administering Information Protection and Compliance in Microsoft 365. The Certification, related exam, and renewal assessments will all be retired on May 31, 2025. For data security and information protection professionals: We’re introducing a new Certification – more on that in the section below! For compliance professionals: We don’t have plans to create a new Certification for compliance-related roles, however we do offer Microsoft Applied Skills that can validate these skills. You can find more details in this blog. The following questions and answers can help you determine how these retirements could impact your learning goals: Q: What if I’m studying for Exam SC-400? A: If you’re currently preparing for Exam SC-400, you should take and pass the exam before May 31, 2025. If you’re just starting your preparation process, we recommend that you explore the new Information Security Administrator Certification and its related Exam SC-401: Administering Information Security in Microsoft 365. Q: I’ve already earned the Information Protection and Compliance Administrator Associate Certification. What happens now? A: If you’ve already earned the Information Protection and Compliance Administrator Associate Certification, it will stay on the transcript in your profile on Microsoft Learn. If you’re eligible to renew your Certification before May 31, 2025, we recommend that you consider doing so, because it won’t be possible to renew the Certification after this date. Find the right resources to support your security journey Whether you are looking to build on your existing expertise, need specific product documentation, or want to connect with like-minded communities, partners, and thought leaders, you can find the latest security skill-building content on our Security hub on MS Learn.61Views0likes0CommentsExplore our latest Microsoft Security training on Microsoft Learn
Connect with popular security skill-building offerings and resources from Microsoft Ignite 2024 From simplifying infrastructure management and improving regulatory compliance to better navigating the modern cyberthreat landscape and building a security-first culture with AI, Ignite 2024 covered a ton of ground. Even if you didn’t join this year’s conference, you can explore expert content to inform and foster your security journey on our Security hub on Microsoft Learn. Designed for learners at all levels, the Security hub on Microsoft Learn is your go-to resource for security skill-building offerings, now easier to find, based on your interest and objectives. Find expert guidance aligned to your security journey. Whether you need to build foundational security skills, gain specialized knowledge, or prove your capabilities with Microsoft Credentials, get the guidance you need. Explore the latest resources organized by security focus area. Learn to understand advances in Zero Trust, identity and access, security operations, IT security, and much more. Connect with like-minded communities, partners, and other thought leaders. Join the conversation, and get inspired to level up your skills and knowledge. Validate your cloud skills with Microsoft Learn challenges According to research examined by Science Direct, gaining complementary AI skills can increase wages by an average of 21%. Starting November 19, 2024, at 4:00 PM (16:00) UTC and running through January 10, 2025 at 4:00 PM (16:00) UTC, you can unlock new AI skills the Microsoft Learn Challenge | Ignite Edition. The Challenge includes eight expert-led learning paths: Prepare for next generation data analytics with Microsoft Fabric: Accelerate your career as a data analytics professional. Learn how to connect, ingest, store, analyze, and report on data with Microsoft Fabric. Prepare for Exam DP-600 and your future as a Microsoft Certified Fabric Analytics Engineer. Build trustworthy AI solutions on Microsoft Azure: Gain knowledge on secure, reliable AI with Microsoft Azure. Learn responsible AI practices, content filtering, and model evaluation while mitigating risks to meet the highest safety standards. Innovate & secure your migration to Microsoft Azure: Learn how to migrate and manage your workloads with Microsoft Azure, tools, and services. Bring Azure innovation to your environment with improved scalability, security, and reliability. Create agents in Microsoft Copilot Studio: Learn how to migrate and manage your workloads with Microsoft Azure, tools, and services. Bring Azure innovation to your environment with improved scalability, security, and reliability. Microsoft 365 Copilot for administrators: Master Microsoft 365 Copilot security and compliance. Prepare data, configure tenants, assign licenses, drive user adoption, and optimize Copilot experiences with extensibility options. Secure your data in the age of AI: Learn to adapt security strategies for evolving AI tech. Protect endpoints, data, and apps with Microsoft Purview and Defender. Stay ahead in safeguarding your organization's AI infrastructure. Get started with Microsoft Copilot for Security: Learn how Copilot can help secure your organization at machine speed! Explore generative AI, understand Microsoft Security Copilot features, and gain skills to use in both embedded and stand-alone experiences. Build AI apps with Microsoft Azure services and best practices: Learn to build cloud-native AI apps, create back-end databases, and integrate Azure OpenAI services. Gain practical skills for scaling AI and develop AI solutions for your organization on Azure. Ready to level up on your AI skills journey? Register for the Microsoft Learn Challenge today. Prove your real-world technical expertise with our latest Microsoft Applied Skills Professionals focused on data security and threat protection can demonstrate and differentiate their expertise by earning these new Microsoft Applied Skills: Implement information protection and data loss prevention by using Microsoft Purview: Demonstrate your ability to implement Microsoft Purview Information Protection and DLP, and validate your ability to discover, classify, and protect sensitive data in Microsoft 365, effectively implementing data security by using Microsoft Purview. This assessment is particularly relevant for information protection and compliance administrators, in addition to security operations Analysts. Implement retention, eDiscovery, and Communication Compliance in Microsoft Purview: Earn this Applied Skill by proving your ability to implement retention, eDiscovery, Communication Compliance, and content search in Microsoft Purview. This could be an especially good fit for compliance administrators who are familiar with Microsoft 365 services and Microsoft Purview and have experience administering compliance in Microsoft 365. Defend against threats using Microsoft Defender XDR: Earn this credential by demonstrating your ability to use Microsoft Defender XDR to detect and respond to cyberthreats. Candidates for this credential should be familiar with investigating and gathering evidence about attacks on endpoints. They should also have experience using Microsoft Defender for Endpoint and Kusto Query Language (KQL). Take our most up-to-date Virtual Training Days for free No matter your security skill level, our free Microsoft Security Virtual Training Days will help you gain the technical skills and knowledge you need to enable employees to work securely and achieve more from anywhere. To keep pace with today’s fast-moving security landscape, we updated three of our most popular Virtual Training Days: Modernize your SecOps with Microsoft Sentinel: Learn how to deploy your Microsoft Sentinel SIEM instance, migrate your existing rules, and add content hub solutions including data connectors, analytic rules, hunting queries and workbooks. These solutions enable you to perform detections, investigations, incident management, and threat hunting. Additionally, you can learn how to optimize your security data to maximize your coverage and better manage costs. We will also demonstrate how Microsoft Security Copilot can help security operations teams to move faster with skills like guided response, natural language to KQL translation, and analysis of malicious scripts. Implement data security with Microsoft Purview: Learn how to discover sensitive data, identify critical data security risks, and dynamically tailor DLP controls using Microsoft Purview solutions including Information Protection, Data Loss Prevention, Insider Risk Management, and Adaptive Protection. The session will explore practical use cases for these products, demonstrating how they can secure AI applications and analyze organizational risks. You'll learn to protect data across generative AI tools like Microsoft Copilot for Microsoft 365 and third-party AI applications, implement dynamic protections to prevent data leaks, and ensure compliance in an AI-first world. Defend against threats with extended detection and response: Learn how to perform investigations and remediations with Microsoft Defender XDR and Defender for Endpoint. You will be introduced to the Unified Security Operations Platform (SIEM in XDR), and will see how to deploy the solution and use Microsoft Sentinel capabilities in Microsoft Defender XDR. Microsoft Sentinel SIEM in XDR topics also include SOC Optimization. They will perform advanced hunting using KQL queries, remediate security alerts, and perform detections, investigations, and threat hunting in Defender XDR. You will also learn how attack disruption works with incidents and alerts, and how to use Microsoft Security Copilot to investigate and perform incident management.2.6KViews2likes0CommentsPower Up Your ASP.NET Application with External ID Integration in Visual Studio
Microsoft Entra External ID is a comprehensive identity management solution tailored to streamline a vital component of application development; authentication. By integrating External ID, developers can leverage advanced, built-in security features that reduce the risk of vulnerabilities and ensure compliance with industry standards. This approach not only expedites the development process but also supports scalability and enhances the user experience by providing seamless and secure access. Ultimately, it empowers developers to deliver high-quality, secure applications with greater efficiency. In this blog, we walk you through the process of creating an ASP.Net application with External ID using Visual Studio. Currently the template on Visual Studio supports ASP.Net only. If you’d like to explore External ID on other samples (JavaScript, React, Angular, Node.js (Express), ASP.NET Core, Python Django, Python Flask, Java Servlet etc.), please check out the Microsoft Entra External ID extension for Visual Studio Code or the Microsoft Entra admin center wizard guide. Setting up and running your application Prerequisites Install the recommended Visual Studio version (17.11.3), along with ASP.NET and the web development workload. An external tenant on Microsoft Entra Admin Center. If you don’t have one, you can create one using our 30-day free trial or create an external tenant with an Azure subscription. If you have one continue reading. Ensure you have the application administrator role on Microsoft Entra. After meeting the above prerequisites, you can dive into the video where we show you how to integrate Microsoft Entra External ID in your app on Visual Studio or jump straight into the guide. Create your project Open Visual Studio and create a new project. o From the templates, select ‘ASP.NET Core Web App (Razor Pages)’ and click Next. o Provide a Project Name, e.g. ‘ASP-Application’ and a Location (where you want to create the project) and click Next. o In the Framework selection, use ‘.NET 8.0 (Long Term Support)’ and under Authentication Type, select ‘Microsoft identity platform’. Then click on Create. The following diagram shows the Microsoft identity platform at a high level, including the application registration experience, SDKs, endpoints, and supported identities or account types. Install components Install the required component, dotnet msidentity tool, and click Next. Configure External ID Sign in to External ID with a user that has permission to create an application registration. Select your trial or external tenant from the Tenants drop down. Click Create new and give your application a name, like “visual-studio-asp-app”. This will create an application in Microsoft Entra External ID including a linked user flow, fully defining the sign-in and sign-up experience for your users. Then click Register. 5: 'Create new' in Microsoft Entra External ID The app registration process collects and assigns these values for your app: An Application (client) ID that uniquely identifies your app. A Redirect URI that you can use to direct responses back to your app. A few other scenario-specific values such as supported account types. Next, select the application you’ve just registered then click Next. Skip the ‘Additional settings’ step shown below as it does not work with External tenant. Review the Summary of changes and click Finish. The dependency configuration process starts as shown below. Once done, click Close. Run and test the application To run your application, navigate to Debug> Start Without Debugging. Once your build is complete, a new browser window will open at https://localhost:7124. Complete the sign-up and sign-in process on the screen shown below: On successful sign in, you will be able to see the demo page, as shown below: You’ve successfully configured Microsoft Entra External ID on an ASP.NET core Web App and signed in your first user. Next steps Continue exploring Microsoft Entra External ID samples by checking out the Microsoft Entra External ID extension for Visual Studio Code or the Microsoft Entra admin center wizard guide. Share your feedback and tell us what you think, or suggest new features. Also, please join our research panel to receive occasional invites to participate in customer research. You can also explore other features in the Microsoft Entra portfolio by visiting our Developer center Identity blog YouTube for tutorials, deep dives, and the latest news.445Views0likes0CommentsStart learning how Copilot can help you by watching Microsoft Copilot for Security Flight School
Where traditional approaches to enterprise security can isolate security professionals from each other and business functions across highly fragmented environments, Microsoft Copilot for Security helps by redefining what security is and how security gets done. That’s why we’re thrilled to introduce Microsoft Copilot for Security Flight School! Building on the foundational learning in Learn Live: Get started with Microsoft Copilot for Security, host Ryan Munsch, Principal Tech Specialist at Microsoft, explores several intermediate technical topics (L200+) in our flight school videos—ranging from what Microsoft Copilot for Security is (and what it isn’t) to key capabilities, experiences, and how to extend Copilot to your ecosystem. Each topical video is 10 mins or less, aligning to relevant learning modules on Microsoft Learn. This can prove valuable for IT pros looking to enhance their ability to process security signals and protect at the speed and scale of AI. Training topics include: What is Microsoft Copilot for Security? AI orchestration Standalone and embedded experiences Copilot in Entra, Intune, and Purview Manage your plugins Prompting Copilot Prompt engineering Using promptbooks Logic apps Extending Copilot to your ecosystem Check out Microsoft Copilot for Security Flight School today.789Views2likes0CommentsAnnouncing Updates to the M365 Attack Simulator
The Microsoft 365 Attack Simulation team is pleased to announce the release of several new features in our phish simulation tool. This includes: an attachment-based phishing attack the ability to filter your simulation user targets by directory metadata like title, city, and department the inclusion of IP addresses and client data in the simulation detail report Simulation phish message simulations are included in your user phish submission reports43KViews9likes10CommentsComplete the new 30 Days to Learn It Challenge and explore the new trainings in Security
30 Days to Learn It helps technology professionals build skills and start preparing for Microsoft Certifications across a range of topics and solutions, with gamified Cloud Skills Challenges that reward you for timely completion.8.6KViews1like2Comments