Sorry, this page is no longer available
Whizlabs Instructor

This course covers the end-to-end workflow of cloud security operations using Microsoft Sentinel (SIEM & SOAR) and Microsoft Defender XDR. You’ll explore workspace planning, SIEM roles, SOAR automation, threat detection, and hunting queries in Sentinel. You’ll then move into Defender XDR configuration, integration with Sentinel, and best practices for incident response. Finally, you’ll learn about the entire Microsoft Defender product family (Defender for Cloud Apps, Office 365, Identity, and Endpoint) to build a unified threat protection strategy.

By the end of this course, you’ll be confident in deploying, configuring, and managing Microsoft Sentinel and Microsoft Defender XDR to detect, investigate, and respond to modern cloud threats.

Who Should Take This Course?

SOC Analysts and Incident Responders

Cloud Security Engineers and Azure Administrators

IT Security Professionals looking to implement SIEM + XDR

Learners preparing for SC-200 or seeking advanced Microsoft security skills

Course Format

This course delivers 6–7 hours of expert-led video content, split across four modules. Each module includes demos, configuration guides, and best practices. Knowledge checks and in-video questions are included to help reinforce learning.

Course Modules:

Module 1: Azure Security Foundations: Networking, Key Vault & Defender

Module 2: Microsoft Sentinel: SIEM & SOAR for Cloud Security Operations

Module 3: Microsoft Defender XDR: Configuration, Integration & Best Practices

What's inside

Syllabus

Azure Security Foundations: Networking, Key Vault & Defender
Welcome to Week 1 of this course! We’ll begin with the essential building blocks for securing Azure workloads. You’ll explore Azure networking security, including Azure DDoS Protection, Azure Bastion, and Azure Firewall, to understand how to defend your resources at the network edge. Next, we’ll dive into network segmentation using Azure Virtual Networks, and configure Network Security Groups (NSG) and Application Security Groups (ASG) with hands-on demos. You’ll also explore Azure Key Vault and see how to secure application secrets and configuration data using App Configuration and Key Vault demos. Finally, we’ll introduce Microsoft Defender for Cloud, its Cloud Security Posture Management (CSPM) capabilities, and workload protection features to help you proactively strengthen your cloud security posture.

Career center

Learners who complete Microsoft Security Solutions Capabilities will develop knowledge and skills that may be useful to these careers:
Security Operations Center Analyst
A Security Operations Center Analyst monitors, detects, and triages security incidents within an organization. This course provides comprehensive training essential for a modern SOC Analyst, focusing on Microsoft’s threat detection and response ecosystem. Learners delve into Microsoft Sentinel, mastering its SIEM and SOAR capabilities, including threat detection rules, hunting queries using KQL, and automation features. The course also covers Microsoft Defender XDR configuration, integration with Sentinel, and incident response best practices. This equips professionals to investigate and respond effectively to cloud threats. Taking this course ensures a Security Operations Center Analyst is proficient in leveraging Microsoft's advanced tools for proactive defense and rapid incident resolution.
Incident Responder
An Incident Responder acts quickly to investigate and mitigate security breaches, minimizing damage and recovery time. This course directly enhances the capabilities of an Incident Responder by providing in-depth knowledge of Microsoft’s response tools. It extensively covers Microsoft Sentinel’s SOAR automation and threat detection features, enabling swift and effective incident handling. Learners also master Microsoft Defender XDR configuration, integration, and incident response best practices across the Defender product family (Cloud Apps, Office 365, Identity, Endpoint). This detailed training ensures an Incident Responder can confidently detect, investigate, and respond to modern cloud threats using Microsoft's unified threat protection strategy.
Threat Hunter
A Threat Hunter proactively searches for undetected threats and vulnerabilities within an organization's environment. This course is highly relevant for a Threat Hunter, offering specialized skills in leveraging Microsoft Sentinel for advanced threat detection. Learners gain hands-on experience with threat hunting techniques, including reviewing sample KQL queries and practical demos to identify sophisticated attacks. The course’s focus on Sentinel’s advanced capabilities for correlating logs and identifying anomalies, alongside understanding Microsoft Defender XDR’s threat intelligence, provides a powerful toolkit. This particular course empowers a Threat Hunter to meticulously scan for and neutralize hidden threats using Microsoft's cutting-edge security platform.
Cloud Security Engineer
A Cloud Security Engineer designs, implements, and manages robust security controls for cloud environments. This course profoundly prepares individuals for this role by mastering Microsoft's advanced security ecosystem. It covers Azure security foundations, including networking, Key Vault, and Microsoft Defender for Cloud’s posture management and workload protection. Learners gain expertise in deploying and managing Microsoft Sentinel for SIEM and SOAR automation, crucial for comprehensive monitoring and incident response. Additionally, configuring Microsoft Defender XDR for threat detection and response builds practical skills. This course uniquely equips an aspiring Cloud Security Engineer to confidently secure modern cloud infrastructures using Microsoft’s security solutions.
Identity and Access Management Engineer
An Identity and Access Management Engineer designs and implements secure identity and access solutions, controlling who can access what resources. This course provides highly relevant expertise for an Identity and Access Management Engineer, focusing on Microsoft Entra ID. Learners explore Privileged Identity Management (PIM) for just-in-time access, conduct access reviews, and automate provisioning/deprovisioning. The course also covers Microsoft Entra ID Protection to detect and mitigate identity risks, alongside configuring MFA, passwordless authentication, and Conditional Access policies. Implementing RBAC effectively at various scopes is also detailed, ensuring an Identity and Access Management Engineer can build robust, secure access frameworks.
Azure Security Administrator
An Azure Security Administrator implements and manages security controls for Azure resources, ensuring compliance and protection. This course is ideally suited for an Azure Security Administrator, providing deep insights into securing Azure workloads. It covers essential Azure security foundations, including networking security with DDoS Protection, Azure Firewall, and network segmentation using NSGs and ASGs. Learners also explore Azure Key Vault for securing application secrets and master Microsoft Defender for Cloud’s Cloud Security Posture Management and workload protection features. This comprehensive training equips an Azure Security Administrator to confidently deploy, configure, and manage a robust security posture within the Azure ecosystem.
Security Engineer
A Security Engineer implements, maintains, and troubleshoots security systems and tools. This course is directly relevant for a Security Engineer, providing comprehensive mastery of Microsoft’s advanced detection, response, and threat protection ecosystem. Learners acquire hands-on skills in deploying, configuring, and managing Microsoft Sentinel for SIEM and SOAR automation, alongside Microsoft Defender XDR for unified threat protection. The curriculum covers Azure security foundations, including networking, Key Vault, and Defender for Cloud, essential for securing modern cloud environments. This particular course empowers a Security Engineer to effectively manage and optimize Microsoft security solutions, ensuring robust protection against evolving cyber threats.
Security Consultant
A Security Consultant advises organizations on security strategies, assessments, and implementations. This course is highly beneficial for a Security Consultant, equipping them with deep, practical knowledge of Microsoft’s advanced security solutions. Learners gain expertise in deploying and managing Microsoft Sentinel for SIEM/SOAR, and configuring Microsoft Defender XDR for comprehensive threat protection across the Defender product family. The understanding of Azure security foundations, including network segmentation and identity protection with Entra ID, allows a Security Consultant to provide informed recommendations and assist clients in building robust Microsoft-centric security postures. This course fosters confidence in guiding organizations through complex security challenges.
Security Architect
A Security Architect designs and builds high-level security solutions and frameworks for an enterprise. While this role typically requires extensive experience and often an advanced degree, this course provides foundational knowledge in Microsoft's security ecosystem that is invaluable. Understanding the capabilities of Microsoft Sentinel (SIEM/SOAR), Microsoft Defender XDR, and Azure security foundations from this course enables a Security Architect to design secure cloud architectures leveraging these specific Microsoft technologies. The insights into network security, identity protection, and threat response strategies are crucial for informed architectural decisions. This course helps build a foundation for designing resilient Microsoft-centric security infrastructures.
Information Security Analyst
An Information Security Analyst protects an organization's information systems from cyber threats, often encompassing a broad range of security tasks. This course is highly beneficial for an Information Security Analyst, especially one focused on cloud environments and Microsoft technologies. It covers the end-to-end workflow of cloud security operations using Microsoft Sentinel (SIEM & SOAR) and Microsoft Defender XDR for advanced detection, response, and threat protection. Learners gain practical skills in Azure security foundations, threat hunting, and identity protection. This comprehensive training equips an Information Security Analyst with the tools and understanding to effectively monitor, analyze, and mitigate security risks across the Microsoft ecosystem.
Security Operations Center Manager
A Security Operations Center Manager oversees the SOC team, strategy, and overall security operations. While this role typically requires significant experience, understanding the operational details of Microsoft's security tools as taught in this course is critical. Learners gain insight into deploying and managing Microsoft Sentinel for SIEM/SOAR and configuring Microsoft Defender XDR for incident response. This knowledge allows a Security Operations Center Manager to make informed decisions regarding tool utilization, team workflows, and overall security strategy. The course provides a granular understanding of the capabilities and best practices of Microsoft's security ecosystem, which may be helpful for effective leadership and strategic planning.
Cloud Administrator
A Cloud Administrator manages and maintains cloud infrastructure, including its security configurations. This course provides valuable security insights that may be helpful for a Cloud Administrator, especially those working with Azure. Learners explore Azure security foundations, encompassing networking security, Key Vault for sensitive data, and Microsoft Defender for Cloud’s capabilities for strengthening cloud security posture. While not solely focused on administration, understanding the deployment and configuration of Microsoft Sentinel and Defender XDR as covered in this course can significantly enhance a Cloud Administrator's ability to ensure secure and compliant cloud operations within a Microsoft environment.
DevOps Security Engineer
A DevOps Security Engineer integrates security practices and tools into the DevOps lifecycle, securing applications and infrastructure from development to deployment. This course may be helpful for a DevOps Security Engineer working within the Azure ecosystem. It covers Azure security foundations, including networking security and Azure Key Vault for securing application secrets and configuration data, which are vital for secure CI/CD pipelines. Understanding Microsoft Defender for Cloud's workload protection and CSPM capabilities also helps in proactively strengthening deployed cloud security posture. This course provides foundational knowledge in Microsoft security solutions that can be applied to build more secure DevOps practices.
Governance Risk and Compliance Analyst
A Governance Risk and Compliance Analyst ensures an organization adheres to security policies, regulations, and industry standards. This course may be useful for a GRC Analyst, particularly in understanding the technical implementation of security controls within a Microsoft cloud environment. The curriculum covers Microsoft Defender for Cloud’s Cloud Security Posture Management (CSPM) capabilities, which are crucial for assessing compliance. Furthermore, the detailed exploration of identity protection features like Privileged Identity Management, access reviews, and implementing RBAC effectively provides insights into establishing compliant access frameworks. This course offers valuable context on how Microsoft security solutions can support an organization's GRC objectives.
Cybersecurity Trainer
A Cybersecurity Trainer educates professionals on security concepts, tools, and best practices. This course may be useful for a Cybersecurity Trainer specializing in Microsoft security solutions, as it provides a deep dive into the Microsoft Sentinel, Microsoft Defender XDR, and Threat Protection ecosystem. The expert-led video content, demos, configuration guides, and best practices offer comprehensive material for building specialized curriculum or enhancing instructional knowledge. Learning about Azure security foundations, SIEM/SOAR automation, threat hunting, and identity protection directly from this course can significantly bolster a Cybersecurity Trainer's expertise in these specific Microsoft technologies, enabling them to impart practical, up-to-date knowledge to their students.

Reading list

Provides a field guide to threat hunting and incident response using Microsoft Defender XDR. It covers a variety of topics, including threat hunting, incident response, and threat intelligence.
Provides a basic overview of Microsoft Sentinel for non-technical readers. It is a good starting point for security professionals who are new to Microsoft Sentinel.
Provides a practical guide to security operations for the modern enterprise using Microsoft Defender XDR. It covers a variety of topics, including threat monitoring, threat investigation, and incident response.
Provides a comprehensive guide to threat detection and response for the enterprise using Microsoft Defender XDR. It covers a variety of topics, including threat intelligence, threat hunting, and incident response.
Provides a comprehensive guide to security operations for the modern enterprise using Microsoft Defender XDR. It covers a variety of topics, including threat monitoring, threat investigation, and incident response.
Takes a deep dive into advanced threat hunting and detection techniques using Microsoft Defender XDR. It covers topics such as threat hunting strategies, leveraging threat intelligence, and using machine learning for detection.
Provides a comprehensive guide to threat detection and response for the modern enterprise using Microsoft Defender XDR. It covers a variety of topics, including threat intelligence, threat hunting, and incident response.
Provides a comprehensive overview of cloud security compliance. It covers topics such as cloud security standards, cloud security regulations, and cloud security audits.
Provides a comprehensive overview of Microsoft Azure Security Center. It covers topics such as Azure Security Center architecture, security monitoring, and threat detection and response.
Provides a comprehensive overview of cloud security risks and best practices. It is an excellent resource for anyone who wants to learn more about how to protect data and applications in the cloud.
Provides a comprehensive overview of cloud security for IT professionals. It covers topics such as cloud security risks, cloud security controls, and cloud security compliance.
Provides a deep dive into the technical aspects of cloud security. It covers topics such as cloud security architectures, security controls, and threat detection and response.
Provides a comprehensive overview of cloud security, covering everything from basic concepts to advanced topics such as threat detection and incident response. It is an excellent resource for anyone who wants to learn more about cloud security.
Provides a hands-on approach to cloud security. It covers topics such as cloud security assessment, cloud security testing, and cloud security incident response.
Focuses on the security and privacy challenges faced by enterprises that are adopting cloud computing. It provides practical guidance on how to protect data, applications, and infrastructure in the cloud.
Provides a detailed guide to malware analysis, covering topics such as malware identification, reverse engineering, and threat hunting. It is a valuable resource for cybersecurity professionals responsible for detecting and mitigating malware.
Introduces the fundamentals of cybersecurity operations, covering topics such as threat detection, incident response, and security monitoring. It is a great starting point for those with little to no experience in this field.
This lab manual provides hands-on exercises that allow learners to practice and apply cybersecurity concepts. It covers topics such as network security, cryptography, and incident response, making it a valuable resource for students and professionals alike.
Prepares individuals for the CEH v11 certification, covering a wide range of cybersecurity topics including ethical hacking, network security, and malware analysis. It is a valuable resource for those pursuing a career in cybersecurity operations.
This handbook provides a comprehensive overview of cybersecurity operations, covering topics such as threat intelligence, incident response, and security monitoring. It is a valuable resource for professionals looking to enhance their skills in this field.

© 2016 - 2025 OpenCourser