Microsoft Defender for Cloud Apps Ninja Training | June 2022
Published Sep 30 2021 09:30 AM 117K Views
Microsoft

 

Announcement:  Microsoft Cloud Apps Security (MCAS) has been renamed to Microsoft Defender for Cloud Apps (MDCA), joining the "Microsoft Defender" family of products.  For more information about the change, please see this announcement.

In addition, here is our new short link for this blog post:   Short Link:  http://aka.ms/MDCANinjaTraining.

 

If you've already completed the training, you can focus on the latest updates (June 2022 update).

 

Have you been wanting to secure your cloud resources? Do you have agreements with non-Microsoft cloud applications? Do you want to share your cloud security knowledge and experience with others? Wait no longer, the Microsoft Defender for Cloud Apps Ninja training is here!

 

Microsoft Defender for Cloud Apps has hundreds of amazing videos available and it can sometimes be overwhelming with determining where to start and how to progress through different levels. We've gone through all these and created this repository of training materials - all in one central location!  Please let us know what you think in the comments.

 

The overall structure of the training sessions are split into three main knowledge levels:

Level

Description

Level 1: Fundamentals - Beginner level

Introduction to Microsoft Defender for Cloud Apps, licensing, portal navigation, policy basics, and overall definitions.

Level 2: Intermediate - Associate level

Capability demos, automatic governance, overall deployment, and connecting 3rd party apps.

Level 3: Advanced - Expert level

Power automate, 3rd party IdP integration, and advanced use case scenarios.

 

After each level, we will offer you a knowledge check based on the training material you have just finished! Since there’s a lot of content, the goal of the knowledge checks is to help ensure understanding of the key concepts that were covered. Lastly, there’ll be a fun certificate issued at the end of the training! Disclaimer: This is not an official Microsoft certification and only acts as a way of recognizing your participation in this training content.

 

We plan to update this training on a quarterly basis to ensure that you all have the latest and the greatest training materials.  Please do check back often for new training content.   You can find the newly added training content are listed on the Latest Update Page.   They are also listed here tagged with "[New!]" at the end of the training title.  For those of you who have already gone through the training before, it's faster to go to the Latest Update Page and view those [New!] training contents directly. 

 

Note: Threat protection product names from Microsoft have recently changed. Read more about this and other updates here
  • Microsoft 365 Defender (previously Microsoft Threat Protection)

  • Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection)

  • Microsoft Defender for Office 365 (previously Office 365 Advanced Threat Protection)

  • Microsoft Defender for Identity (previously Azure Advanced Threat Protection)

  • Microsoft Defender for Cloud Apps (previously Microsoft Cloud Apps Security)

Please let us know what you think about this training!

Acronyms

Acronyms

Full Name

MDCA

Microsoft Defender for Cloud Apps

RBAC

Role-based access control

MDATP

Microsoft Defender Advanced Threat Protection

AATP

Azure Advanced Threat Protection

ATP

Advanced Threat Protection

AIP

Azure Information Protection

ASC

Azure Security Center

AAD

Azure Active Directory

CASB

Cloud Access Security Broker

MTP

Microsoft Threat Protection

GCC

Government Community Cloud

GCC-H

Government Community Cloud High

MDI

Microsoft Defender for Identity

MDO

Microsoft Defender for Office 365

MDE

Microsoft Defender for Endpoint

SSPM

SaaS Security Posture Management

XDR

Extended Detection and Response

M365D

Microsoft 365 Defender

 

Table of Contents

 

Microsoft Defender for Cloud Apps - Fundamentals

Module 1. Fundamental level Overview 

Module 2. Microsoft Defender for Cloud Apps Introduction

Module 3. Initial Settings 

Module 4. Cloud Discovery 

Module 5. Information Protection and Real-Time Controls 

Module 6. Threat Detection 

Fundamentals Knowledge Check

 

Microsoft Defender for Cloud Apps - Intermediate

Module 1. Intermediate Level Overview 

Module 2. Cloud Discovery

Module 3. Information Protection and Real-Time Control

Module 4. Threat Detection

Intermediate Knowledge Check 

 

Microsoft Defender for Cloud Apps - Advanced

Module 1. Advanced Level Overview 

Module 2. Power Automate

Module 3. 3rd Party IdP configuration

Module 4. Conditional Access App Control steps for non-Microsoft SAAS applications

Module 5. SIEM Integration

Module 6. Advanced Scenarios and Guidance

Module 7, Additional Blogs and Information

Advanced Level Knowledge Check

 

Legend

CTang885_0-1631683617908.png Docs on Microsoft CTang885_1-1631683617910.png Blogs on Microsoft
CTang885_2-1631683617982.png Product videos CTang885_3-1631683617947.pngWebcast recordings
CTang885_4-1631683617962.png CTang885_0-1643222051459.png Tech Community CTang885_5-1631683617963.pngCTang885_0-1631834559565.png Interactive guides

⤴ External Sites

CTang885_6-1631683617997.png GitHub

 

Microsoft Defender for Cloud Apps - Fundamentals [Beginner Level]

 

Module 1. Fundamental Level Overview

Training Title Description
CTang885_2-1631683617982.png Introduction to Microsoft Defender for Cloud Apps Beginner Level Training This video provides a summary of what contents will be covered in the Fundamentals (Beginner level) training
CTang885_4-1631683617962.png Microsoft Defender for Cloud Apps Tech Community This is a Microsoft Defender for Cloud Apps Community space that allows users to connect and discuss the latest news, upgrades, and best practices with Microsoft professionals and peers.
CTang885_0-1631683617908.pngCTang885_0-1631691278723.png  Top 20 Use Cases for CASBs This document provides use cases that can be leveraged during proof of concept (POC), or as prep step for deploying CASB solution (looking for ways to prioritize deployment components). 
CTang885_0-1631687643554.png What is a CASB and Why do I need one? This blog provides an overview of CASBs and why they are important for securing your cloud resources. 

 

Module 2.  Microsoft Defender for Cloud Apps Introduction 

Training Title Description
CTang885_2-1631683617982.png Microsoft Defender for Cloud Apps Introduction This is an introductory video presentation of Microsoft's Cloud Access Security Broker (CASB): Microsoft Defender for Cloud Apps
CTang885_1-1631688568327.png Microsoft Defender for Cloud Apps Best Practices This article outlines the best practice for protecting your organization using Microsoft Defender for Cloud Apps. The Best Practice comes from our overall experience working with Cloud Security and from our customers, like you. 
CTang885_2-1631688701356.png Microsoft Defender for Cloud Apps User Interface Updates This blog provides an update on the Microsoft Defender for Cloud Apps UI changes.
CTang885_2-1631683617982.png Microsoft Defender for Cloud Apps Licensing  This video provides an overview of Microsoft Defender for Cloud Apps licensing information
CTang885_1-1631688568327.png Microsoft Defender for Cloud Apps Licensing Datasheet This document is the Microsoft Defender for Cloud Apps licensing datasheet mentioned in the MCAS Licensing video.
CTang885_1-1631688568327.png Difference between Microsoft Defender for Cloud Apps and OCAS This document outlines the differences between Microsoft Defender for Cloud Apps and OCAS
CTang885_1-1631688568327.png Difference between Microsoft Defender for Cloud Apps and AAD Discovery This document outlines the differences in discovery capabilities between Microsoft Defender for Cloud Apps and AAD
CTang885_2-1631683617982.png TCO/ROI of Microsoft Defender for Cloud Apps (Forrester Study) This video goes over the result of a Forrester Study from May 2020 with the Total Cost of Ownership and Return on Investment of Microsoft Defender for Cloud Apps.
The Total Economic Impact of Microsoft Defender for Cloud Apps

This site provides an overview of the study,

Microsoft Defender for Cloud Apps setup guide [New]

This setup guide steps through how to set up Microsoft Defender for Cloud Apps in your environment. (Only accessible by licensed partners of Microsoft Defender for Cloud Apps).

CTang885_2-1631683617982.png Microsoft 365 App Governance [NEW!]

This short video provides a brief overview of the "App Governance" feature within the Microsoft Defender for Cloud Apps.

CTang885_1-1631688568327.png App governance add-on to Defender for Cloud Apps 

This document outlines the security features Microsoft Defender for Cloud Apps with app governance provides for with Microsoft 365 OAuth apps.

CTang885_1-1631688568327.png Microsoft Defender for Cloud Apps App Governance

This document includes a video that steps through the functionalities and usages of app governance feature within the  Microsoft Defender for Cloud Apps. 

 

Module 3.  Initial Settings

Training Title  Description
CTang885_0-1631734868063.png   Connect Apps to get visibility and protection  This article outlines the steps on connecting the applications to Microsoft Defender for Cloud Apps to enable greater visibility and control over the application. 

CTang885_2-1631683617982.png Connecting apps to Microsoft Defender for Cloud Apps 

This video walks through how to connect applications to Microsoft Defender for Cloud Apps

CTang885_0-1631734868063.pngCTang885_2-1631688701356.png Connect your favorite Apps to Microsoft Defender for Cloud Apps

This blog provides a brief video overview on how to connect GitHub, Salesforce, Box, and Slack, to Microsoft Defender for Cloud Apps.  These 4 videos are also listed below. 

CTang885_0-1631683617908.png Connect Smartsheet to Microsoft Defender for Cloud Apps 

In this article, we walk through how to connect Smartsheet to Microsoft Defender for Cloud Apps.

CTang885_0-1631683617908.png Connect Zendesk to Defender for Cloud Apps (Preview) 

In this article, we walk through how to connect Zendesk to Microsoft Defender for Cloud Apps.

CTang885_0-1631683617908.png Connect NetDocuments to Defender for Cloud Apps (Preview) 

In this article, we walk through how to connect NetDocuments to Microsoft Defender for Cloud Apps.

CTang885_2-1631683617982.png   Connect GitHub to Microsoft Defender for Cloud Apps

In this video, we walk through how to connect GitHub to Microsoft Defender for Cloud Apps.

CTang885_2-1631683617982.png   Connect Salesforce to Microsoft Defender for Cloud Apps

In this video, we walk through how to connect Salesforce to Microsoft Defender for Cloud Apps.

CTang885_2-1631683617982.png   Connect Box to Microsoft Defender for Cloud Apps

In this video, we walk through connecting Box to Microsoft Defender for Cloud Apps.

CTang885_2-1631683617982.png   Connect Slack to Microsoft Defender for Cloud Apps

In this video, we walk through connecting Slack to Microsoft Defender for Cloud Apps.

CTang885_2-1631683617982.png   Configure IP Addresses

This video shows how to add your organization's IP address ranges to remove complexities from policy creation, investigation, and improve the accuracy of your alerts.

CTang885_2-1631688701356.pngCTang885_2-1631688701356.png CTang885_0-1631734868063.png Working with IP ranges and tagsCTang885_2-1631688701356.png

This article outlines the steps on how to configure IP addresses and use IP ranges and tags. 

CTang885_2-1631683617982.png   Import User Groups

This video shows how to import user groups into Microsoft Defender for Cloud Apps to help create relevant policies.

CTang885_0-1631734868063.png   Importing user groups from connect apps

This article outlines the steps on how to import user groups from connected apps 

CTang885_2-1631683617982.png   Configure Admin Roles

In this video, we show you how to configure admin roles and set up role-based access controls.

CTang885_0-1631734868063.png   Manage Admin Access

This article describes how to manage admin access in Microsoft Defender for Cloud Apps.

CTang885_2-1631683617982.png   Configure MSSP Access

In this video, we walk through the steps on adding Managed Security Service Provider (MSSP) access to Microsoft Defender for Cloud Apps.

CTang885_0-1631734868063.png Get started with app governance 

This document walks you through how to sign up for Microsoft Defender for Cloud Apps app governance.

CTang885_0-1631734868063.png Learn about visibility and insights within app governance 

This document outlines the visibility and meaningful insights Microsoft Defender for Cloud Apps app governance enables for your Microsoft 365 application ecosystem. 

CTang885_0-1631734868063.png Get started with Microsoft 365 OAuth app threat detection and remediation 

This document provides information on what information and app governance dashboard provides.

 

Module 4.  Cloud Discovery

Training Title Description
CTang885_2-1631688701356.png Introduction to Microsoft Defender for Cloud Apps Cloud Discovery This blog details how to get started in Cloud Discovery in Microsoft Defender for Cloud Apps.
CTang885_2-1631688701356.png Dashboard Basics This article gives a basic overview of how to navigate and use the dashboard. 
CTang885_0-1631725316135.png Discovered Apps This article provides guidance on working with the discovered apps and dives deeper into the information provided by the dashboard. 
CTang885_2-1631683617982.png App Risk Scoring This video provides an overview of how Microsoft Defender for Cloud Apps evaluates the risk over discovered SaaS apps in your environment. 
CTang885_2-1631683617982.png Using the Cloud App Discovery Feature This video provides an overview of Microsoft Defender for Cloud Apps' cloud apps discovery feature.

 

Module 5.  Information Protection and Real-Time Controls

Training Title Description
CTang885_2-1631683617982.png Connect Office 365 This video demonstrates how to connect Office 365 to Microsoft Defender for Cloud Apps and enable our powerful capabilities across DLP, Threat Protection, and more.
CTang885_2-1631683617982.png What is Conditional Access App Control? In this video, we explore what Conditional Access App Control is, how to deploy and configure it, and testing a scenario (Microsoft Teams). 
CTang885_2-1631683617982.png Governance actions for non-O365 and Azure apps This video provides an overview of some of the governance actions that can be taken with Microsoft Defender for Cloud Apps.
CTang885_2-1631683617982.png Configure AAD with Microsoft Defender for Cloud Apps Conditional Access App for Session Controls (Do... In this video, we walk through how to configure real-time monitoring and control across your cloud apps leveraging our powerful, native integration with Azure AD conditional Access to provide inline controls for your downloads.
CTang885_0-1631725316135.png Block Sensitive Information Downloads This article walks you through a tutorial on how to create a session policy to block the download of sensitive information.
CTang885_2-1631683617982.png Configure AAD with Microsoft Defender for Cloud Apps Conditional Access App for Session Controls (Up... In this video, we walk through how to configure real-time monitoring and control across your cloud apps leveraging our powerful, native integration with Azure AD conditional Access to provide inline controls for your uploads.
CTang885_2-1631688701356.png Understand Unified Labeling Migration This blog explains what "Unified labeling" is and how to use it in migration scenario.

 

Module 6.  Threat Detection

Training Title Description
CTang885_2-1631683617982.png Threat Detection Overview In this video, we walk through Microsoft Defender for Cloud Apps' detection capabilities that allow you to identify advanced attackers and insider threats.
CTang885_2-1631683617982.png User and Entity Behavior Analytics This video provides a brief overview of User & Entity Analytics (UEBA) in Microsoft Defender for Cloud Apps.
CTang885_2-1631683617982.png Discover and Manage Risky OAuth applications In this video, we explore how Microsoft Defender for Cloud Apps can help you identify when users authorized OAuth apps, detect risky apps, and evoke access to risky apps.
CTang885_0-1631725316135.png How to investigate anomaly detection alerts  This article provides general information on alerts that are detected by Microsoft Defender for Cloud Apps, and practical guidance on what needs to be done for alert investigation and remediation.
CTang885_0-1631725316135.png Manage OAuth apps - Working with the OAuth app page  This article provides instructions on using Microsoft Defender for Cloud Apps to manage OAuth applications. 

CTang885_1-1631773341527.png Knowledge Check - Microsoft Defender for Cloud Apps Fundamentals   

 

 

 

Microsoft Defender for Cloud Apps - Intermediate [Associate Level]

 

Module 1. Intermediate Level Overview

Training Title Description
CTang885_2-1631683617982.png Introduction to Microsoft Defender for Cloud Apps Intermediate Level Training This video provides a summary of what contents will be covered in the Intermediate (Associate level) training
CTang885_2-1631683617982.png Microsoft Defender for Cloud Apps: Overview This is an overview video that discusses the different pillars and configuration steps for Microsoft Defender for Cloud Apps with demo.
CTang885_2-1631688701356.png Secure Access for applications with Microsoft Defender for Cloud Apps  This article walks through how to secure access for applications with Microsoft Defender for Cloud Apps.

 

Module 2. Cloud Discovery

Training Title Description
CTang885_0-1631834559565.pngCloud Discovery Interactive Guide This interactive guide walks through discovering, protecting, and controlling your apps.
CTang885_0-1631725316135.png Cloud Discovery Policies This article goes over on what are the cloud discovery policies within your Microsoft Defender for Cloud Apps environment.
CTang885_0-1631725316135.png How to exclude entities from discovery data This article provides you with instructions on excluding certain entities' data from being part of the Cloud Discovery data for reporting.
CTang885_0-1631725316135.png Microsoft Defender for Cloud Apps and MDE integration This article walks through the process of integrating MDE (formerly MDATP) and Microsoft Defender for Cloud Apps and how simple the integration is - without requiring an extra agent or proxy.
CTang885_2-1631683617982.png How to design and deploy a Log Collector for Microsoft Defender for Cloud Apps This video details the Microsoft Defender for Cloud Apps cloud discovery pillar and how to deploy a log collector.
CTang885_0-1631725316135.png Integrate with Zscaler If you work with both Microsoft Defender for Cloud Apps and Zscaler, you can integrate the two products to enhance your security Cloud Discovery experience. 
CTang885_0-1631725316135.png Integrate with iboss If you work with both Microsoft Defender for Cloud Apps and iboss, you can integrate the two products to enhance your security Cloud Discovery experience. 
CTang885_0-1631725316135.png Integrate with Corrata If you work with both Microsoft Defender for Cloud Apps and Corrata, you can integrate the two products to enhance your security Cloud Discovery experience. 
CTang885_0-1631725316135.png Integrate with Menlo  If you work with both Microsoft Defender for Cloud Apps and Menlo, you can integrate the two products to enhance your security Cloud Discovery experience. 

 

 Module 3. Information Protection and Real-Time Controls

Training Title Description
CTang885_1-1631743558581.png Document fingerprinting in Microsoft 365 Compliance In this video, we walk through how to set up policies to detect document fingerprinting using Microsoft 365.
CTang885_0-1631743524020.png Set up Document Fingerprinting in Microsoft Defender for Cloud Apps In this video, we walk through how to configure a file policy to detect document fingerprinting in your file repositories using Microsoft Defender for Cloud Apps.
CTang885_5-1631683617963.pngCTang885_2-1631743975895.png Protect and Control Information with Microsoft Defender for Cloud Apps In this interactive guide, we walk through common scenarios where you can control your information with Microsoft Defender for Cloud Apps.
CTang885_2-1631688701356.png Secure and Connect GitHub This blog walks through how to secure and connect your GitHub instance in Microsoft Defender for Cloud Apps.
CTang885_1-1631743558581.png Protecting GitHub This video walks through how to protect your GitHub instance using Microsoft Defender for Cloud Apps.
CTang885_3-1631683617947.pngHow to Protect Your GitHub Environment Using Microsoft Defender for Cloud Apps - Webinar   

This webinar walks through on how to use Microsoft Defender for Cloud Apps to protect your GitHub environment. 

NOTE:  This webinar was hosted before the product name change, hence the title of the webinar still refers to previous product name "Microsoft Cloud App Security" or "MCAS".

CTang885_2-1631688701356.png Secure and Connect Box This blog walks through how to secure and connect your Box instance in Microsoft Defender for Cloud Apps.
CTang885_1-1631743558581.png Protecting Box This video walks through how to protect your data in Box using Microsoft Defender for Cloud Apps.
CTang885_3-1631683617947.pngProtect Your Box Deployment Using Microsoft Defender for Cloud Apps - Webinar 

This webinar walks through how to use Microsoft Defender for Cloud Apps to help you secure your infrastructure and data. with simple configuration steps tailored specifically for Box. 

NOTE:  This webinar was hosted before the product name change, hence the title of the webinar still refers to previous product name "Microsoft Cloud App Security" or "MCAS".

CTang885_3-1631683617947.pngProtect Your Slack Deployment Using Microsoft Defender for Cloud Apps - Webinar   

This webinar walks through how to use Microsoft Defender for cloud Apps to protect your Slack deployment 

NOTE:  This webinar was hosted before the product name change, hence the title of the webinar still refers to previous product name "Microsoft Cloud App Security" or "MCAS".

CTang885_2-1631688701356.png Protect your Slack environment using Microsoft Defender for Cloud Apps  This blog walks through how to protect your Slack environment using Microsoft Defender for Cloud Apps.
CTang885_0-1631725316135.png How Microsoft Defender for Cloud Apps helps protect your Slack Enterprise  This article goes over the capabilities in Microsoft Defender for Cloud Apps that can protect the Slack Enterprise environment. 
CTang885_3-1631683617947.pngProtect Your Salesforce Environment Using Microsoft Defender for Cloud Apps - Webinar

This webinar walks through how to use Microsoft Defender for Cloud Apps to protect your Salesforce environment.  

NOTE:  This webinar was hosted before the product name change, hence the title of the webinar still refers to previous product name "Microsoft Cloud App Security" or "MCAS".

CTang885_0-1631725316135.png Protect Your Smartsheet Deployment Using Microsoft Defender for Cloud Apps   This article provides the best practices on how to use the Smartsheet connector in Microsoft Defender for Cloud Apps to protect Smartsheet deployment. 
CTang885_2-1631688701356.png Protect your AWS environment using Microsoft Defender for Cloud Apps    This blog walks through how to secure and connect your AWS instance in Microsoft Defender for Cloud Apps.
CTang885_1-1631743558581.png Connect AWS for security auditing in Microsoft Defender for Cloud Apps This video walks through how to connect to AWS for security auditing in Microsoft Defender for Cloud Apps.
CTang885_1-1631743558581.png Connect AWS for security configuration in Microsoft Defender for Cloud Apps This video walks through how to connect to AWS for security configuration in Microsoft Defender for Cloud Apps.
CTang885_1-1631743558581.png   Connect AWS for laaS protection in Microsoft Defender for Cloud Apps This video walks through how to connect to AWS for laaS protection in Microsoft Defender for Cloud Apps.
CTang885_3-1631683617947.pngImprove Your AWS Security posture Using Microsoft Defender for Cloud Apps - Webinar 

This Webinar walks through how to detect threats and identify security risks in your AWS environment using Microsoft Defender for Cloud Apps.  

NOTE:  This webinar was hosted before the product name change, hence the title of the webinar still refers to previous product name "Microsoft Cloud App Security" or "MCAS".

CTang885_0-1631725316135.png   How Microsoft Defender for Cloud Apps helps protect your oneLogin  This article provides information on how Microsoft Defender for Cloud Apps protects the One Login environment.
CTang885_0-1631725316135.png How Microsoft Defender for Cloud Apps helps protect your Zendesk     This article provides information on how Microsoft Defender for Cloud Apps protects the Zendesk environment.
CTang885_0-1631725316135.png Connect ServiceNow to Microsoft Defender for Cloud Apps  This article steps through how to connect Microsoft Defender for Cloud Apps to your existing ServiceNow account using the application's API.
CTang885_0-1631725316135.png How Defender for Cloud Apps helps protect your ServiceNow environment  This article walks through how to use Microsoft Defender for Cloud Apps to protect your ServiceNow environment.
CTang885_1-1631743558581.pngCTang885_1-1631743558581.png Protecting Storage Apps and Malware Detection This video shows you how Microsoft Defender for Cloud Apps can help you protect your cloud storage apps and ensure that they are not infected with malware.
CTang885_0-1631725316135.png Malware detection in Microsoft Defender for Cloud Apps This article explains how malware detection work in Microsoft Defender for Cloud Apps.
CTang885_1-1631743558581.pngCTang885_1-1631743558581.pngCTang885_0-1631748312424.png Configuring a read-only mode for external users This video walks you through one of the many use-cases focused on external users using Conditional Access App Control - our reverse proxy solution.
CTang885_0-1631748312424.png Block unauthorized browsers from accessing corporate web apps This video detailing the policy configuration required to block unauthorized browsers from accessing corporate web applications.
CTang885_0-1631725316135.png Using Admin Quarantine to investigate files This article is a tutorial that walks through how to use admin quarantine to protect your files. 
CTang885_0-1631725316135.png Automatically apply labels to your sensitive files This article is a tutorial that walks through applying labels to a sensitive file. 
CTang885_0-1631725316135.png Information Protection Policies This article walks you through how to create information protection policies in Microsoft Defender for Cloud Apps
CTang885_2-1631688701356.png Microsoft Defender for Cloud Apps or MIP? This blog walks you through some of the top use cases and questions asked regarding when to use Microsoft Defender for Cloud Apps vs when to use MIP.
CTang885_0-1631748312424.png AWS with AAD and Microsoft Defender for Cloud Apps In this video, we walk through the architecture used to configure AWS with AAD and use Microsoft Defender for Cloud Apps to apply additional protections.
CTang885_2-1631688701356.png Microsoft Defender for Cloud Apps:  How to protect AWS admins and Developers This blog shows you how to use Microsoft Defender for Cloud Apps to protect AWS Admins and Developers. 
CTang885_0-1631725316135.png Azure Information Protection integration - How to integrate Azure information Protection with Micros...  This article steps through how to integrate Azure information Protection with Microsoft Defender for Cloud Apps.
CTang885_0-1631725316135.png   Recommended Microsoft Defender for Cloud Apps policies for SaaS apps - Microsoft 365 Enterprise - Of...        This article provides the recommended Microsoft Defender for Cloud Apps policies to use for SaaS applications. 
CTang885_2-1631688701356.pngMicrosoft Defender for Cloud Apps Data Protection Blog Series: Microsoft Defender for Cloud Apps DLP...     This blog walks through how to configure DLP policies using Microsoft Defender for Cloud Apps.
CTang885_1-1631751626423.png MDCA:  Top 5 Queries you need to save     This blog shares our top five custom queries to save for the five use cases.
CTang885_0-1631725316135.png Governance action for Microsoft 365 OAuth apps using app governance - View apps This document provides information on how to get a list of all of the Microsoft 365 OAuth apps in your tenant.
CTang885_0-1631725316135.png Create app policies for Microsoft 365 OAuth apps using app governance  This document outlines how to create app policies for your Microsoft 365 OAuth apps.
CTang885_0-1631725316135.png Get started with visibility and insights within app governance  This document provides visibility and insights Defender for Cloud Apps app governance provides and how to view app insights.

 

Module 4. Threat Detection

Training Title

 Description

CTang885_0-1631725316135.png Threat Detection Policies

This article shows you how to create threat protection policies within your Microsoft Defender for Cloud Apps environment. 

CTang885_0-1631725316135.png How Microsoft Defender for identity integrates with Microsoft Defender for Cloud Apps

This article is designed to help you understand and navigate the enhanced investigation experience in Microsoft Defender for Cloud Apps and MDL 

CTang885_0-1631748312424.png Microsoft Defender for Identity Overview

This video provides an overview of MDI capability 
CTang885_1-1631836383855.pngMicrosoft Defender for Identity Ninja Training  This blog provides information on where you learn more about Microsoft Defender for Identity

CTang885_0-1631834559565.pngDetect Threats and Microsoft Alerts

This interactive guide shows you the steps on how to manage threats in Microsoft Defender for Cloud Apps.

CTang885_0-1631748312424.png Microsoft 365 Defender - Hunting with Microsoft Defender for Cloud Apps data  

This video steps you through how to use the advanced hunting capability to investigate incidence using Microsoft Defender for Cloud Apps

CTang885_0-1631725316135.png Investigate anomaly detection alerts for Microsoft 365 OAuth apps using app governance 

This document provides you with general and practical information on each alert within Defender for Cloud Apps app governance, and guidance to help you investigate and remediate anomalous activities and requests. 

CTang885_1-1631773341527.pngKnowledge Check - Microsoft Defender for Cloud Apps Intermediate 

 

 

 

 

Microsoft Defender for Cloud Apps - Advanced [Expert Level]

 

Module 1. Advanced Level Overview

Training Title Description
 CTang885_0-1631748312424.png Introduction to Microsoft Defender for Cloud Apps Advanced Level Training This video provides a summary of what contents will be covered in the Advanced (Expert level) training.
CTang885_1-1631836383855.png Power Automate Blog Series: 

Auto-Triage Infrequent Country Alerts using Microsoft Defender for Cloud Apps & Power Automate

This blog is part of the Power Automate Blog Series.  This blog walks through how to auto-triage country alerts using Microsoft Defender for Cloud Apps and Power Automate.
CTang885_0-1631748312424.png Triage Infrequent County Alerts using Power Automate and Microsoft Defender for Cloud Apps This video walks through creating a new Power Automate Flow to automate the triage of infrequent Country alerts in Microsoft Defender for Cloud Apps (Threat Protection Pillar).
CTang885_0-1631748312424.png Request user validation to reduce your SOC workloads This video walks through how to use Power Automate Flow to request user validation for file sharing (Data Protection Pillar).
CTang885_0-1631748312424.png Request for Manager Action using Power Automate & Microsoft Defender for Cloud Apps In this video, we walk through how to use Power Automate Flow to request manager validation for their team.
CTang885_1-1631836383855.png Request for Manager Action: Step-by-step guidance This blog outlines the steps and guidance on using Power Automate Flow to request manager validation for their team.
CTang885_0-1631748312424.png Auto-disable malicious inbox rules using Microsoft Defender for Cloud Apps & Power Automate This video walks you through a new Power Automate Flow on how to remove malicious inbox rules detected in your cloud environment. 

 

Module 2. Non-Microsoft Party IdP configuration

Training Title Description
CTang885_0-1631725316135.png  Integrating PingOne with Microsoft Defender for Cloud Apps for Conditional Access App Control This article walks you through integrating PingOne with Microsoft Defender for Cloud Apps for Conditional Access App Control using Salesforce as an example.
CTang885_0-1631725316135.png  Integrating ADFS with Microsoft Defender for Cloud Apps for Conditional Access App Control This article walks you through integrating ADFS with Microsoft Defender for Cloud Apps for Conditional Access App Control using Salesforce as an example.
CTang885_0-1631725316135.png  Integrating Okta with Microsoft Defender for Cloud Apps for Conditional Access App Control This article walks you through integrating Okta with Microsoft Defender for Cloud Apps for Conditional Access App Control using Salesforce as an example.

 

Module 3. Conditional Access App Control Steps for non-Microsoft SAAS applications

Training Title Description
CTang885_0-1631748312424.png  Workplace for Facebook: Block/Apply DLP downloaded files in Workplace from Facebook with Microsoft D... This video steps through how to use Conditional Access App Control in Microsoft Defender for Cloud Apps for Workplace for Facebook.
CTang885_0-1631748312424.png  How to use Conditional Access App Control in Microsoft Defender for Cloud Apps for Box. This video steps through how to use Conditional Access App Control in Microsoft Defender for Cloud Apps for Box.
CTang885_1-1631836383855.png  Microsoft Defender for Cloud Apps Data Protection Blog Series: Box Real-Time Protections This blog provides additional guidance on real-time protection for Box.
CTang885_0-1631748312424.png  Slack: Block chats with sensitive data using Microsoft Defender for Cloud Apps This video steps through how to block chats with sensitive data using Conditional Access APP Control in Microsoft Defender for Cloud Apps.

 

Module 4. SIEM integration

Training Title Description
CTang885_0-1631748312424.png  Connect Azure Sentinel This video details how to connect Azure Sentinel (Microsoft's SIEM + SOAR product) to Microsoft Defender for Cloud Apps.
CTang885_0-1631748312424.png  Azure Sentinel Entities Enrichment (Users) This video looks at how you can use the provided playbooks to enrich your impacted user profiles, and then consume it in Sentinel, ServiceNow, or Postman. 
CTang885_0-1631748312424.png  Microsoft Defender for Cloud Apps Infrequent Country triage with Microsoft Sentinel and Logic Apps This video walks you through the deployment of a playbook to use to triage your Microsoft Sentinel incidents.
CTang885_0-1631748312424.png  Connect a 3rd Party SIEM This video details how to connect to third-party SIEM to Microsoft Defender for Cloud Apps.

 

Module 5. Advanced Scenarios and Guidance

Training Title Description
CTang885_0-1631725316135.pngMDA Operational Guide  The Operational Guide to help SOC and security teams with planning and
performing security activities. Particularly useful for new MDA users.
CTang885_0-1631748312424.png  Indicators of Compromise This video walks you through how to create custom Indicators of Compromise in Microsoft Defender for Cloud Apps
CTang885_0-1631748312424.png  Microsoft Defender for Cloud Apps and Microsoft Threat Protection This video guides you on how Microsoft is unifying our threat products.
CTang885_0-1631748312424.png  Block Apps/Sites on iOS (Defender for Endpoint + Microsoft Defender for Cloud Apps) This video walks through blocking apps and sites on iOS, suing Defender for iOS, and using custom indicators of compromise from Microsoft Defender for Cloud Apps and Defender for Endpoint integration.
CTang885_0-1631725316135.png  Microsoft Defender for Cloud Apps API Documentation This article describes how to interact with Microsoft Defender for Cloud Apps over HTTPS.
CTang885_0-1631725316135.png  Configuring a Log Collector behind a Proxy This article provides more information on configurations to ensure your log collector works when behind a proxy.
CTang885_2-1631743975895.png  Automate Microsoft Defender for Cloud Apps Alerts with Power Automate This interactive guide walks through the steps needed to automate alert management using Power Automate
CTang885_1-1631836383855.png Microsoft Defender for Cloud Apps:  The Hunt in a multi-stage incident   This blog explains how to use Microsoft 365 Defender to address common alerts from Microsoft Defender for Cloud Apps to determine the threats' scope and impact. 
CTang885_0-1631725316135.png  Microsoft Defender for Cloud Apps: The Hunt for Insider Risk     This blog outlines the use cases for using Microsoft 365 Defender to determine the "Insider Risk" alerts from Microsoft Defender for Cloud Apps.
CTang885_0-1631725316135.png  Proactively hunt for threats with advanced hunting in Microsoft 365 Defender        This article shows how to proactively hunt for threats using the Advance Hunting Tool in Microsoft 365 Defender.
CTang885_1-1631836383855.png  GitHub - Microsoft/Microsoft-365-Defender-Hunting-Queries: Sample queries for Advanced hunting in Mi...     This blog provides a list of sample queries for Advance Hunting using Microsoft 365 Defender.

 

Module 6.  Additional Blogs and Information

Training Title Description

CTang885_1-1631836383855.png  Securing Administrative Access to Microsoft Defender for Cloud Apps and Defender for Identities

This blog provides guidance on how to configure Azure AD Conditional Access to secure administrative access to Microsoft Defender for Cloud Apps and Defender for Identity (Formerly Azure ATP)
CTang885_1-1631836383855.png  Limiting Inherited Roles from Azure Active Directory in Microsoft Defender for Cloud Apps This blog goes over a customer scenario for Microsoft Defender for Cloud Apps and the steps that can be taken to meet their requirements on limiting inherited AAD roles' accesses in Microsoft Defender for Cloud Apps
CTang885_0-1642361581865.png  Browse all - Learn | Microsoft Docs   Microsoft Defender for Cloud Apps Learning Path Check out these learning paths for Microsoft Defender for Cloud Apps
CTang885_1-1631836383855.png  Lifecycle management strategy | Microsoft Docs This blog provides information on Microsoft Defender for Cloud Apps Lifecycle Management
CTang885_1-1631836383855.png  Bypass Blocking PDF Preview in OWA This blogs walks through use cases on using the "Real-Time Control" in Microsoft Defender for Cloud Apps to bypass blocking PDF previews in OWA.
CTang885_0-1631725316135.png  Tutorial:  Require step-up authentication (authentication context) upon risky actions   In this tutorial, we will show you how to protect your organization by requiring Azure AD Conditional Policies to be accessed during sensitive session actions using Microsoft Defender for Cloud Apps' Conditional Access Control.

 

CTang885_1-1631773341527.png Knowledge Check - Microsoft Defender for Cloud Apps Advanced

 

 

 

Once you've finished the training and the knowledge checks, please go to our attestation portal to generate your certificate -  you'll see it in your inbox within 3 to 5 business days (Click Here).  

 

We have a great lineup of updates for the next rendition (next quarter).  If you'd like anything covered, please comment below.  In addition, please reach out to us if you have any content that you would like to include as well. 

 

We hope you all enjoy this training! 

 

Feedback

Let us know if you have any feedback or relevant use cases/requirements for this portion of Microsoft Defender for Cloud Apps by emailing, CASFeedback@microsoft.com and mention the core area of concern.

 

Learn More

For further information on how your organization can benefit from Microsoft Defender for Cloud Apps, connect with us at the links below:  

Join the conversation on Tech Community.   

Stay up to date—subscribe to our blog.   

Upload a log file from your network firewall or enable logging via Microsoft Defender for Endpoint to discover Shadow IT in your network.  

Learn more—download Top use cases for SaaS Security.  

Connect your cloud apps to detect suspicious user activity and exposed sensitive data.  

Search documentation on Microsoft Defender for Cloud Apps    

Enable out-of-the-box anomaly detection policies and start detecting cloud threats in your environment.  

Understand your licensing options    

Continue with more advanced use cases across information protection, compliance, and more.  

Follow the Microsoft Defender for Cloud Apps Ninja blog and become a Microsoft Defender for Cloud Apps Ninja by taking the Microsoft Defender for Cloud Apps Ninja Training.   

Go deeper with these interactive guides:  

·         Discover and manage cloud app usage with Microsoft Defender for Cloud Apps  

·         Protect and control information with Microsoft Defender for Cloud Apps

·         Detect threats and manage alerts with Microsoft Defender for Cloud Apps

·         Automate alerts management with Microsoft Power Automate and Microsoft Defender for Cloud Apps

 

 

To experience the benefits of full-featured CASB, sign up for a  free trial—Microsoft Defender for Cloud Apps. 

 

Follow us on LinkedIn as #CloudAppSecurity. To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity on Twitter, and Microsoft 

 

25 Comments
Version history
Last update:
‎Aug 21 2023 11:47 AM
Updated by: