Explore threat intelligence in Microsoft Defender XDR

Module
10 Units

Intermediate

Administrator

Solution Architect

Technology Manager

Microsoft 365

Office 365

This module examines how Microsoft 365 Threat Intelligence provides admins with evidence-based knowledge and actionable advice that can be used to make informed decisions about protecting and responding to cyber-attacks against their tenants.

Learning objectives

By the end of this module, you should be able to:

Describe how threat intelligence in Microsoft 365 is powered by the Microsoft Intelligent Security Graph.
Create alerts that can identify malicious or suspicious events.
Understand how the automated investigation and response process works in Microsoft Defender XDR.
Describe how threat hunting enables security operators to identify cybersecurity threats.
Describe how Advanced hunting in Microsoft Defender XDR proactively inspects events in your network to locate threat indicators and entities.

Prerequisites

None

Introduction min
Explore Microsoft Intelligent Security Graph min
Explore alert policies in Microsoft 365 min
Run automated investigations and responses min
Explore threat hunting with Microsoft Threat Protection min
Explore advanced threat hunting in Microsoft Defender XDR min
Explore threat analytics in Microsoft 365 min
Identify threat issues using Microsoft Defender reports min
Knowledge check min
Summary min