Microsoft Security Academy
Welcome to the Microsoft Security Academy, your gateway to comprehensive cybersecurity training and resources.
| Table of Contents | |
|---|---|
| Modules | |
| Other Pages | |
February 9th, 2025 Update📰
| Recent Update (February 9th): Events, Certifications, and Security Copilot Technical Resources |
Many of my partners live and breathe by ServiceNow, but did you know that we recently launched a new case management service in the Defender portal? If not, read about it here!
Most security vendors pitch Zero Trust and phishing-resistant MFA as the foundations, but are you not sure where to start? Grab a coffee and read through our new Zero Trust Deployment Essentials☕
Product names aren’t the only thing known to change at Microsoft, and certifications are no exception. Read about the retirement of the SC-400 and our new SC-401: Information Security Administrator Certification.
In other news, hackers from China, Iran, and other adversaries are increasingly using AI, including Google’s Gemini, to bolster their cyberattacks, according to recent Google threat intelligence research.
A new administration is in office, and that means many federal employees are moving on to new opportunities – including Jen Easterly, the former and esteemed Director of CISA. It’s notable (and shouldn’t come as a surprise to absolutely anyone) that in her final days, she wrote about the increasing threats we face from the PRC and MSS, which you can read about here.
Speaking of CISA… we just published an Expanded Cloud Log Implementation Playbook in coordination with our federal counterparts, and it’s worth a bookmark.
Remember how the U.S. State Department caught Chinese hackers snooping around Microsoft’s email systems? They used the now infamous “Big Yellow Taxi” KQL detections, which you can find here🚕
In response to the Exchange breach and others like it, we’re continuing to improve our defenses. Read more about our recent progress here.
Other News
Log Analytics can be tricky, but our new Simple Mode makes it easier than ever before!
We recently published 3 takeaways from red teaming 100 generative AI products✏️
If you’re looking for an easier way to consume Microsoft Sentinel’s extensive GitHub repository, this is a helpful catalog.
We also recently launched a Zero Trust partner kit which includes pre-packaged and co-branded resources for you to use with customers. Just add your own branding!
The Microsoft Incident Response team recently created a compilation of incident response/TTP guides, best practices, and threat-hunting strategies, known as the Microsoft Incident Response Ninja Hub.
We’re excited to announce Auxiliary Logs, a cost-effective solution for verbose logs. Azure Monitor now offers three plans: Analytics, Basic, and Auxiliary. (Auxiliary Logs = Basic Logs + Archive Tier)
We’re also excited to announce Summary Rules, which aggregate data at ingestion. You can even apply detection rule logic to Summary Rules!
Events🎯
| Topic | Date | Register | |
|---|---|---|---|
| Microsoft Defender XDR | Get the most out of MDVM | FEB 12 | Register |
| Microsoft Defender XDR | Automatic Attack Disruption | FEB 18 | Register |
| Microsoft Sentinel | Managing Repositories | FEB 19 | Register |
| Microsoft Defender XDR | Insider Risk Management Data | FEB 25 | Register |
| Azure Network Security | Azure WAF Rulesets | FEB 26 | Register |
| Microsoft Defender XDR | Licensing & Site Security | FEB 27 | Register |
| Microsoft Defender for Cloud | API Security Posture | MAR 5 | Register |
| Azure Network Security | DDoS Protection & Azure WAF | MAR 6 | Register |
| Microsoft Purview | Microsoft Purview AMA | MAR 12 | Register |
| Azure Network Security | What’s new in Azure Firewall | MAR 20 | Register |
| Microsoft Sentinel | Transition to Unified SOC Platform | APR 1 | Register |
| Microsoft Sentinel | What’s new in Microsoft Sentinel | APR 10 | Register |
| Microsoft Defender XDR | SaaS Security Exposure Reduction | APR 23 | Register |
| Microsoft Sentinel | Unified SOC: Advanced Insights | MAY 14 | Register |
Start Your Journey
- Get started
- Basic cyber hygiene prevents 98% of attacks
- Microsoft’s Incident Response Guide
- Secure Cloud Business Applications (SCuBA) Project – CISA
Stay Connected🔗
Join our Security Connection Program where you can have influence in helping us shape our products together.
Stay connected with our Security Community, your peers, find guidance and resources, view technical and roadmap related questions, and more.
- Microsoft Sentinel Blog
- Microsoft Defender XDR Blog
- Microsoft Defender for Cloud Blog
- Microsoft Entra Blog
- Azure Network Security Blog
- Microsoft Defender for Endpoint Blog
- Microsoft Defender for IoT Blog
- Security, Compliance, and Identity Blog
Want to be a Ninja?
Microsoft Ninja trainings are sets of organized learning modules that guide you through the advanced features and functions of our products.
- Microsoft Security Copilot Ninja Training
- Microsoft Unified SOC Platform Ninja Training
- Microsoft Sentinel Ninja Training – Recently updated
- Microsoft Sentinel Automation Ninja Training
- Microsoft Defender Threat Intelligence Ninja Training
- Microsoft Sentinel Notebooks Ninja Training
- Microsoft Defender XDR Ninja Training
- Microsoft Defender for Office 365 Ninja Training
- Microsoft Defender for Identity Ninja Training
- Microsoft Defender for Cloud Apps Ninja Training
- Microsoft Defender for Cloud Ninja Training
- Microsoft Defender External Attack Surface Management Ninja Training
- Azure Network Security Ninja Training
- Microsoft Defender for Endpoint Ninja Training
- Microsoft Defender for IoT Ninja Training
- Microsoft Purview eDiscovery Ninja Training
- Microsoft Purview Information Protection Ninja Training
- Microsoft Purview Data Loss Prevention (DLP) Ninja Training
- Insider Risk Management Ninja Training
Microsoft Cybersecurity Reference Architecture (MCRA)🔒
