Call Us: +32 2 466 00 16
Follow Us:

Mastering Microsoft Cloud Cybersecurity

5 days
5 days

Upcoming Sessions





Book now





Book now

Interested in a private company training? Request it here.

Cloud Security Overview

Security matters. Every company is faced with several kinds of attacks and must implement different tools to protect themselves.

  • Threat Landscape
  • Common Threats and Attack Types
  • The Defender's Dilemma
  • Identity and Access Management
  • Threat Protection
  • Security Management
  • Information Protection

Securing Your Cloud Identities

The first thing you should protect are your identities. Especially in a cloud infrastructure, this should be your number one priority. Azure Active Directory provides a lot of security related features to control access to your environment.

  • Multi-Factor Authentication
  • Privileged Identity Management
  • Identity Protection
  • Conditional Access
  • LAB: Securing Your Identities

Microsoft Defender for Identity

If your identities are hosted on-premises, Microsoft Defender for Identity can provide protection for Active Directory accounts.

  • Microsoft Defender for Identity Features
  • Configuring Defender for Identity
  • Protecting Your Accounts
  • Identify Threats: Reconnaissance and Lateral Movement
  • Detect Pass-the-Hash and Pass-the-Ticket Attacks
  • LAB: Microsoft Defender for Identity

Microsoft Defender for Office 365

Safeguard your organization against malicious threats from email messages, links and collaboration tools. Implement policies to detect malware, spam and phishing mails. Define what action to take when malicious content is detected.

  • Protect Against Malware, Spam, Phishing, Spoofing
  • Email Authentication: SPF, DKIM and DMARC
  • Attack Simulator
  • Safe Attachments and Safe Links
  • Threat Protection for Collaboration: SharePoint, OneDrive and Teams
  • Secure Score
  • LAB: Microsoft Defender for Office 365

Microsoft Defender for Endpoint

Devices can get compromised because of missing updates or vulnerabilities in applications. Microsoft Defender for Endpoint provides you with an inventory and gives you recommendations to make your environment more secure. This service also detects suspicious activities and alerts you about possible attacks.

  • Protect Your Devices
  • Onboarding Devices
  • Endpoint Detection and Response
  • Threat and Vulnerability Management
  • Secure Score for Devices
  • LAB: Microsoft Defender for Endpoint

Microsoft Defender for Cloud Apps

In this cloud-based world, it can become difficult to find the right balance between flexibility for your users and protecting your critical data. Microsoft Defender for Cloud Apps acts as a gatekeeper to broker access between your users and the cloud apps they use. At the same time, it can safeguard your sensitive information.

  • Cloud Discovery
  • App Connectors
  • Control Access to Apps with Policies
  • Conditional Access App Control
  • Protect Sensitive Information
  • LAB: Microsoft Defender for Cloud Apps

Detect and Stop attacks with Microsoft 365 Defender

So many different tools that collect so much information. You may be flooded with information. Microsoft 365 Defender brings it all together. It gives you better insights in attacks by showing you the devices, identities and apps that were involved. You can hunt for threats and be proactive, making sure the attacker doesn't stand a chance.

  • Protect Your Environment
  • Onboard Security Services
  • Attack Investigation
  • Threat Hunting
  • LAB: Microsoft 365 Defender

Information Governance and Protection

Microsoft 365 is designed to help meet your organization’s needs for content security and data usage compliance with legal, regulatory, and technical standards.

You must be able to protect your sensitive data by implementing rules and conditions to control access and secure files and services. You should be able to define how long data is kept and when it must be deleted.

  • Microsoft Purview Compliance Portal Overview
  • Sensitive Information Types
  • Trainable Classifiers
  • Sensitivity Labels
  • Data Loss Prevention
  • Retention Labels and Policies
  • Communication Compliance
  • LAB: Information Governance and Protection

Information Insights and Discovery

Find out what is going on in your organization by checking Audit logs and running eDiscovery searches.

Compare your configuration with a predefined set of policies and get recommendations on how to improve your compliance score.

Manage insider risks and control data privacy.

  • eDiscovery
  • Auditing and Alert Policies
  • Compliance Manager
  • Data Classification
  • Insider Risk Management
  • Privacy Management
  • LAB: Information Insights and Discovery

Azure Monitor

Collect, analyze, and act on telemetry data from your Azure and on-premises environments. Azure Monitor helps you maximize performance and availability of your applications and proactively identify problems in seconds.

  • Azure Monitoring Overview
  • Azure Monitor
  • Azure Advisor
  • Activity Log
  • Alerts and Metrics
  • Workbooks
  • LAB: Azure Monitor

Azure Log Analytics

Azure Log Analytics collects logging and monitoring data across a wide variety of resources and platforms. Data is stored in a log analytics workspace where it can be queried.

  • Azure Monitor Logs
  • Log Analytics Workspace
  • Data Collection
  • Log Data Structure
  • Workspace Design
  • LAB: Azure Log Analytics

Kusto Query Language

A Kusto query is a read-only request to process data and return results. The request is stated in plain text, using a data-flow model designed to make the syntax easy to read, author, and automate. The query uses schema entities that are organized in a hierarchy similar to SQL's: databases, tables, and columns.

  • Kusto Query Language
  • Writing Basic Log Queries
  • Filter Data
  • Aggregate Data
  • Using Variables
  • Joining Multiple Tables in a Single Query
  • Functions and Computer Groups
  • LAB: Kusto Query Language

Microsoft Defender for Cloud

Microsoft Defender for Cloud provides unified security management and advanced threat protection across hybrid cloud workloads. With Microsoft Defender for Cloud, you can apply security policies across your workloads, limit your exposure to threats, and detect and respond to attacks.

  • Microsoft Defender for Cloud
  • Defender for Cloud Tiers and Pricing
  • Security Policies
  • Security Recommendations and Secure Score
  • Just in Time VM Access
  • Adaptive Application Controls
  • File Integrity Monitor
  • Adaptive Network Hardening
  • Security Alerts and Incidents
  • LAB: Microsoft Defender for Cloud

Microsoft Sentinel

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

  • Microsoft Sentinel Overview and Pricing
  • Activate Microsoft Sentinel
  • Onboard Security Sources: Data Connectors and Content Hub
  • Sentinel Analytics and Investigation
  • Security Orchestration Automation
  • Threat Hunting
  • Workbooks and Notebooks
  • LAB: Microsoft Sentinel

Securing your cloud infrastructure can be complex and challenging in today's world where users are working from any location on any type of device. To support organizations in protecting themselves from several kinds of attacks, Microsoft offers a broad range of cloud security services targeted at both Microsoft Azure and Microsoft 365. In this training you will learn how to investigate, respond to, and hunt for cyberthreats. You will leave the training with the skills to reduce your organizational risk, respond rapidly to active attacks and advise on improvements to threat protection practices.

This course is intended for system administrators and security specialists responsible for securing and analyzing the cloud IT environment.

Contact Us
  • Address:
    U2U nv/sa
    Z.1. Researchpark 110
    1731 Zellik (Brussels)
  • Phone: +32 2 466 00 16
  • Email:
  • Monday - Friday: 9:00 - 17:00
    Saturday - Sunday: Closed
Say Hi
© 2022 U2U All rights reserved.