Identify security risks by using Cloud Security Posture Management

Module
7 Units

Intermediate

Security Engineer

Microsoft Defender for Cloud

Azure

In this module, you use Cloud Security Posture Management (CSPM) in Microsoft Defender for Cloud to identify, prioritize, and trace security risks across Azure environments — including generative AI workloads. You compare Foundational and Defender CSPM plan capabilities, interpret the risk-based Cloud Secure Score, investigate attack paths targeting cloud and AI resources, and run graph-based queries in Cloud Security Explorer to proactively discover hidden risks.

Learning objectives

After completing this module, you will be able to:

Differentiate Foundational CSPM and Defender CSPM plan capabilities, including AI security posture management features
Interpret the Cloud Secure Score and security recommendations using the risk-based prioritization model in the Microsoft Defender portal
Identify externally exploitable attack paths — including those targeting AI workloads — using attack path analysis
Run graph-based queries in Cloud Security Explorer to proactively discover security risks across Azure environments

Prerequisites

Familiarity with Microsoft Defender for Cloud at a basic level
Understanding of Azure resource types and Azure role-based access control (RBAC)
Knowledge of cloud security concepts including misconfigurations, vulnerabilities, and exposure

Get started with Azure

Choose the Azure account that's right for you. Pay as you go or try Azure free for up to 30 days. Sign up.

Introduction min
Explore CSPM plans and posture visibility min
Analyze security recommendations with risk prioritization min
Identify attack paths and choke points min
Hunt for risks with cloud security explorer min
Knowledge check min
Summary min

Start