Course Duration: 2 Days
Microsoft
Authorized Training
IT
Course cost: £2,060.00
IT Certification Overview
This two-day instructor-led course provides delegates with the knowledge and skills to effectively use Microsoft Defender XDR and Security Copilot for responding to cyber-attacks. Delegates will learn how to manage and investigate security incidents within the Defender portal, leveraging automated investigations and threat intelligence.
The course also covers the use of Kusto Query Language (KQL) for advanced threat hunting and introduces Security Copilot as a tool to assist in incident response, script and file analysis, and report generation. Designed for security professionals, this course enables participants to enhance their organisation’s cyber resilience by efficiently detecting, analysing, and mitigating security threats.
Newto Training Reviews
What Our Happy Alumni Say About Us
I had absolutely no experience in this field, but Newto Training recognised my potential and supported me every step of the way. The real-life scenarios were invaluable in making me job-ready.
The tutors at Newto are consistently patient, clear and more than willing to help. I couldn't have asked for a better learning environment.
From day one I felt welcomed and supported. The live sessions were interactive and the resources well thought-out. I passed my exam on the first attempt thanks to them.
I was nervous about switching careers but the practical approach and continual 1-to-1 support gave me the confidence I needed to succeed.
The training material was excellent, and the instructors really brought the subject to life with hands-on lab work. I feel fully prepared for the workplace.
What impressed me most was the flexibility and responsiveness of the support team. Whenever I had a question, they were there even outside of normal hours.
The course structure was superb. A great mix of theory and practice delivered at a pace that made sense even for beginners. Highly recommended.
Switching into IT felt overwhelming, but Newto Training made the journey manageable and quite enjoyable. Their coaching style is top class.
I particularly appreciated the way complex topics were broken down into manageable chunks, and the tutor actively encouraged questions at every stage.
The live-taught interactive classes set Newto apart from other providers. It wasn't just video-based learning and the real engagement made all the difference.
The cyber course exceeded my expectations. They've been on hand for everything and are constantly in touch with me.
The resources provided were spot on and the teaching style made everything easy to understand. I particularly appreciated the extra help offered when needed.
Enrolling with Newto was one of the best decisions I've made. The job-readiness focus, strong teaching and excellent support all stood out.
I completed my SQL course and now feel confident in my skills. The real-world examples and supportive tutors made it all click.
I've just passed my AZ-900 exam thanks to the support received from Ken in the boot camp and his exam preparation sessions.
I've gained a qualification and the confidence to use it in real-world scenarios.
Their commitment to student success is obvious from the personalised guidance to the quality of delivery. I'd recommend them without hesitation.
Every tutor I encountered was professional, encouraging and keen to see me succeed. That personal touch made a big difference.
I'm now in a role I once thought was out of reach, thank you to all the team.
The bootcamps were excellent, we were given practical projects to complete and I feel so much more confident with my coding skills.
Prerequisites
- An understanding of core technical concepts, including applications, file storage, networking and identities.
- An understanding of common security threats and attacks such as malware, phishing, ransomware and software exploits.
Instructors will demonstrate features throughout the event. Optional lab exercises are available for students to complete using a commercial Microsoft 365 tenancy with an Azure subscription provided for each student free of charge by QA. The tenancy lasts for 30 days. The Azure subscription will have enough credit to perform lab exercises.
Target audience
This course is designed for:
- Security analysts responsible for monitoring and responding to cyber threats.
- IT administrators with a role in cybersecurity incident response.
- Security professionals looking to enhance their skills in Microsoft Defender XDR and Security Copilot.
Learning Objectives
By the end of this course, delegates will be able to:
- Navigate the Microsoft Defender portal and explain integrations with Microsoft services such as Entra ID and Azure.
- Use Defender XDR to investigate and respond to cybersecurity incidents, leveraging automated investigations and threat intelligence.
- Build advanced threat-hunting queries using Kusto Query Language (KQL).
- Onboard and use Copilot for Security to assist with incident response, script and file analysis, KQL query writing, and report generation.
Mastering security analysis with Microsoft Defender XDR Course Content
Overview of Microsoft Defender XDR
- Introduction to Microsoft Defender XDR
- Cybersecurity attack methodologies
- Zero Trust model
- MITRE ATT&CK framework
- Example attack chains
- Security news and emerging threats
- Microsoft Defender XDR services
- Services overview and capabilities
- Integrations with other Microsoft solutions
- Investigating and responding to security threats
- Lab: Hands-on exploration of Defender XDR
Incident response
- Managing alerts and incidents
- Alert triage and correlation
- Incident investigation techniques
- Response actions
- Containing and mitigating threats at the device, user, and network level
- Understanding automated attack disruption
- Remediation actions and Action Center
- Automated investigations
- Lab: Incident investigation and response
Advanced threat hunting with KQL
- Introduction to Kusto Query Language (KQL)
- Guided and advanced query modes
- Understanding the schema
- Saving and sharing queries
- KQL syntax and querying techniques
- Searching, filtering, and sorting data
- Using joins for data correlation
- Summarising and visualising threat data
- Working with strings, dates, and times
- Lab: Writing and executing KQL queries for threat hunting
Security Copilot
- Onboarding Security Copilot
- Planning and setup
- Creating a capacity and configuring settings
- Understanding available plugins
- Standalone capabilities
- Using prompts for security insights
- System capabilities and automation
- Prompt books for common security tasks
- Incident summaries and guided response
- Script and file analysis
- Advanced threat hunting with Copilot
- Generating incident reports
- Embedded capabilities
- Lab: Leveraging Security Copilot for threat analysis and automation
Exams and Assessments
This course does not include any formal assessments.
Upcoming Dates
Dates and locations are available on request. Please contact us for the latest schedule.
Advance Your Career with Mastering security analysis with Microsoft Defender XDR
Gain the skills you need to succeed. Enrol in Mastering security analysis with Microsoft Defender XDR with Newto Training today.