Become a Microsoft 365 Defender Ninja

Published Oct 19 2020 08:53 AM 87.8K Views
Microsoft

Microsoft 365 Defender, part of Microsoft’s XDR solution, leverages the Microsoft 365 security portfolio to automatically analyze threat data across domains, building a complete picture of each attack in a single dashboard. This Ninja blog covers the features and functions of Microsoft 365 Defender – everything that goes across the workloads, but not the individual workloads themselves. The content is structured into three different knowledge levels, with multiple modules: Fundamentals, Intermediate, and Expert.

 

In addition, after each level, we offer you a knowledge check based on the training material you have just finished! Since there’s a lot of content, the goal of the knowledge checks is to help ensure understanding of the key concepts that were covered. Lastly, there’ll be a fun certificate issued at the end of the training: Disclaimer: This is not an official Microsoft certification and only acts as a way of recognizing your participation in this training content.

 

I want to give kudos to my colleagues: @Sarahzin for letting me copy from her MCAS Ninja training, @DanEdwards for helping me automate the certificate distribution and @Tali Ash for helping me pull the questions together! Thank you!

 

We will keep updating this training on a regular basis and highlight new resources.

 

If you already did the training, you can focus on the latest updates (August update)

 

Table of Contents

Security Operations Fundamentals

Module 1. Technical overview

Module 2. Getting started

Module 3. Investigation – Incident

Module 4. Threat analytics

Module 5. Advanced hunting

Module 6. Self-healing

Module 7. Community (blogs, webinars, GitHub)

Module 8. Partners

 

Security Operations Intermediate

Module 1. Architecture

Module 2. Investigation

Module 3. Advanced hunting

Module 4. Automated investigation and remediation

Module 6. Self-healing

Module 5. Build your own lab

Module 7. Reporting

Module 8. Microsoft Threat Experts

 

Security Operations Expert

Module 1. Incidents

Module 2. Advanced hunting

Module 3. APIs, custom reports, SIEM & other integrations

 

Legend:

vid.png Product videos

webcast.png Webcast recordings

TechCommunity.png Tech Community

docs.png Docs on Microsoft

blogs.png Blogs on Microsoft

GitHub.png GitHub

⤴ External

InteractiveGuides.png Interactive guides

 

 

Security Operations Fundamentals

Module 1. Technical overview

Module 2. Getting started

Module 3. Investigation – Incident

Module 4. Threat Analytics

Module 5. Advanced hunting

Module 6. Self-healing

Module 7. Community (blogs, webinars, GitHub)

Module 8. Partner

 

> Ready for the Fundamentals Knowledge Check

 

Security Operations Intermediate

Module 1.  Architecture

Module 2. Investigation

Module 3. Advanced hunting

Module 4. Automated investigation and remediation

Module 6. Self-healing

Module 5. Build your own lab

Module 7. Reporting

Module 8. Microsoft Threat Experts

 

> Ready for the Intermediate Knowledge Check

 

Security Operations Expert

Module 1. Incidents

Module 2. Advanced hunting

Module 3. APIs, custom reports, SIEM & other integrations

 

> Ready for the Expert Knowledge Check

 

Once you’ve finished the training and the knowledge checks, please click here to request your certificate (you'll see it in your inbox within 3-5 business days.

29 Comments
Co-Authors
Version history
Last update:
‎Dec 23 2021 10:43 AM
Updated by: