Inhalt des Trainings
The course is dedicated for people who want to learn about Microsoft's cloud environment monitoring tools and framework. At the beginning, we will introduce you to the management of Azure Active Directory, service auditing and logs, roles related to monitoring threats in the cloud, or the implementation of PIM and PAM services.
In the next module we will walk through cloud security configuration best practices with secure score, Azure Defender for servers or security standards recommendations.
During the course you will be able to configure an environment with EDR enabled, where we will try to attack endpoints and user identity and see how EDR behaves. Then we will go through security operations best practices and make hunting queries.
The implemented EDR solution and other components of the security stack will be linked within the Microsoft SIEM, which will allow monitoring and implementation of responses to threats.
Vorkenntnisse
To attend this training, you should have a good hands-on experience in administering Windows infrastructure and basic around public cloud concept (Office 365, Azure).