Last updated: July 2022
Microsoft 365 Defender is an integrated, cross-domain threat detection and response solution. It provides organizations with the ability to prevent, detect, investigate and remediate sophisticated cross-domain attacks within their Microsoft 365 environments.
To help you get started with Microsoft 365 Defender and take advantage of its capabilities we’ve compiled a series of short videos. These will walk through the key product features and show you how to apply them to your business today.
We’re constantly adding new capabilities to Microsoft 365 Defender so check back here regularly for new videos and instructional content.
The latest additions are marked with NEW
Please share your feedback or ask questions in the comments section below; let us know what other videos and topics you would like to see.
|
Overview
|
Getting started
|
|
UPDATED Watch an all-up overview of Microsoft 365 Defender and learn about its capabilities
|
Check out how you can get started quickly and start benefiting from its capabilities
|
|
|
|
| |
|
Unified portal
|
Azure Sentinel integration
|
|
This video shows you the improved and enhanced Microsoft 365 security center.
|
This video describes how you can stream all Microsoft 365 Defender incidents into Azure Sentinel and keep them synchronized.
|
|
|
|
| |
|
Incident
|
Advanced hunting
|
|
UPDATED Learn how alerts are being correlated into incidents and how to work with them
|
Get started with advanced hunting to hunt for threats across your Microsoft 365 Defender data
|
|
|
|
| |
|
Secure Score
|
KQL Basics
|
|
NEW This video explains how the Secure Score can help you protect your organization
|
NEW Learn the basics of KQL, the language used for advanced hunting
|
|
|
|
| |
|
Unpacking JSON in KQL
|
Optimizing KQL
|
|
NEW This video demonstrates how to unpack JSON strings by using the Kusto Query Language.
|
NEW This video demonstrates ways you can optimize Kusto Query Language.
|
|
|
|
| |
|
Joining tables in KQL
|
Hunting linked downloads
|
|
NEW This video demonstrates joining tables by using Kusto Query Language.
|
NEW Learn how to use advanced hunting to find URL clicks that download files.
|
|
|
|
| |
|
Unified submissions
|
Streaming API
|
|
NEW Check out the new, unified submissions experience in the Microsoft 365 Defender portal.
|
Learn how you can setup the streaming API to ship event information directly to Azure Event hubs or to Azure storage.
|
|
|
|
| |
|
Microsoft 365 Defender and Power Automate
|
|
|
Learn how you can use Power Automate to automate your workflows.
|
|
|
|
|
| |
|
Automated self-healing
|
Submit feedback
|
|
UPDATED This video helps you better understand how Microsoft 365 Defender automates remediation actions
|
We are listening! See how easy it is to share your feedback with us
|
|
|
|
| |
|
Security center for Microsoft Defender for Office 365 customers
|
Security center for Microsoft Defender for Identity customers
|
|
See the improved and NEW features you get when you start using the Microsoft 365 Defender portal - at no costs.
|
This video shows improved and NEW features you get when you move to the Microsoft 365 Defender portal - at no costs!
|
|
|
|
| |
|
Classification
|
Threat Analytics
|
|
See how quickly you can classify your incidents & alerts
|
With threat analytics you can track and respond to emerging threats
|
|
|
|
