This article is contributed. See the original author and article here.


Do you want to become a Microsoft Defender for Office 365 ninja? We can help you get there! We collected content for two roles: “Security Operations (SecOps)” and “Email Security” teams. The content is structured into three different knowledge levels, with multiple modules: Fundamentals, Intermediate, and Advanced. Some topics can be relevant for SecOps as well as for Email Security teams. This training will be updated on a regular basis to ensure you have access to the most current information available.

 

Short Link:  aka.ms/MDONinja

 





COMING SOON: After each level, we will offer you a knowledge check based on the training material you have just finished! Since there’s a lot of content, the goal of the knowledge checks is to help ensure understanding of the key concepts that were covered. Lastly, there’ll be a fun certificate issued at the end of the training! Disclaimer: This is not an official Microsoft certification and only acts as a way of recognizing your participation in this training content.


 


Note: Threat protection product names from Microsoft have recently changed. Read more about this and other updates here



  • Microsoft 365 Defender (previously Microsoft Threat Protection)




  • Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection)




  • Microsoft Defender for Office 365 (previously Office 365 Advanced Threat Protection)




  • Microsoft Defender for Identity (previously Azure Advanced Threat Protection)




 


Please let us know what you think about this training here: https://aka.ms/MDONinjasurvey


 


P.S. I wanted to give my colleague, @Heike Ritter a big thank you for laying the groundwork for Ninja Training and for all of her help, along with @Giulian Garruba@Bruno Nowak! Thank you!


__________________________________________________________________________________


 


Table of Contents


Email Security – Fundamentals


(Deployment / Migration) 


Module 1. Technical overview 


Module 2. Getting started 


(Prevention & Detection) 


Module 3. Configuration (Part I) 


(Awareness) 


Module 4. General Awareness 


 


Email Security – Intermediate


(Prevention & Detection)


Module 1. Configuration (Part II) 


Module 2. Alert Management 


Module 3. Mail flow 


Module 4. Zero Hour Auto-Purge (ZAP) 


(Investigation & Hunting) 


Module 5. Investigating Alerts 


Module 6. Advanced hunting (overview)


Module 7. Automated Investigation and Remediation (AIR) 


Module 8. Threat Insights 


(Response & Remediation) 


Module 9. Alert Handling 


Module 10. Manage Quarantined Messages 


(Reporting) 


Module 11. Reporting 


 


Security Operations – Advanced


(SOC Flows) 


Module 1. SIEM Integration & APIs 


Module 2. False Positive/False Negative Management Flows 


Module 3. Automation 


(Investigation & Hunting)


Module 4. Advanced hunting (Kusto training) 


(Training) 


Module 5. Attack Simulation Training 


 


Supplemental Content (Tech Community links)


 


Legend:






















ang31a_3-1617347525464.png Docs on Microsoft



ang31a_4-1617347525465.png Blogs on Microsoft



ang31a_1-1617658296243.png Product videos



 


ang31a_1-1617347525462.png Webcast recordings


 



ang31a_7-1617347713732.png Tech Community



ang31a_6-1617347525467.png Interactive guides



⤴ External



ang31a_8-1617347728864.png GitHub



 


Email Security – Fundamentals


(Deployment / Migration) 


Module 1. Technical overview 



Module 2. Getting started 



(Prevention & Detection) 


Module 3. Configuration (Part I)



(Awareness) 


Module 4. General Awareness



Email Security – Intermediate


(Prevention & Detection) 


Module 1. Configuration (Part II)



Module 2. Alert Management



Module 3. Mail flow



Module 4. Zero-Hour Auto Purge



(Investigation & Hunting) 


Module 5. Investigating Alerts



Module 6. Advanced Hunting (overview)



Module 7. Automated Investigation and Remediation



Module 8. Threat Insights



(Response & Remediation) 


Module 9. Alert handling



Module 10. Manage quarantined messages



(Reporting) 


Module 11. Reports / Custom Reporting



Security Operations – Advanced


(SOC Flows) 


Module 1. SIEM Integration & APIs



Module 2. False Positive / False Negative Management Flows



Module 3. Automation



(Investigation & Hunting) 


Module 4. Advanced Hunting (Kusto training)



(Training) 


Module 5. Attack Simulation Training



Supplemental Content



 


Please let us know what you think about this training here: https://aka.ms/MDONinjasurvey


 


Interested in other ninja trainings? There are also ninja trainings for: 


Microsoft Defender for Endpoint (MDE) – http://aka.ms/mdeninja 


Microsoft Cloud App Security (MCAS) – http://aka.ms/mcasninja 


Microsoft Defender for Identity (MDI) – http://aka.ms/mdininja


 


 


Follow us on LinkedIn as #DefenderForOffice365. Bookmark the Security blog to keep up with expert coverage on security matters. Also, follow @MSFTSecurity on Twitter and Microsoft Security on LinkedIn for the latest news and updates on cybersecurity. 




Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.

%d bloggers like this: