Masterclass: Configuring and Managing Microsoft Defender for Endpoint

Live Virtual Class – Super Intensive Remote Practical Training!
(9:00am – 4:00pm CET Monday to Wednesday)
Regular price: 2575 EUR (net)
Early-bird price: 2175 EUR (net, valid until 08.01.2024)

This is an international Live Virtual Class where you will be able to share the learning experience with a group of IT pros from around the world without leaving your home or office! The class is taught fully remotely in English by CQURE Cybersecurity Experts. In order to ensure the highest quality and unique learning experience, the course is limited to 10 participants by default, or supported by an assistant instructor if the number of delegates exceeds 10. During this course, you will have the opportunity to go through practical exercises, interact with our world-renowned Expert and receive a lifelong certification after completing the course!

Upcoming Live Virtual Classes

Length: 3 days-21h
Start Date: 29.01.2024
Instructor: Piotr Pawlik

Loads of Knowledge

This practical workshop was designed for security professionals who want to deepen their knowledge and skills in using Microsoft monitoring tools and framework. The class was designed by real-life cybersecurity practitioners, so it is filled with practical exercises, realistic case studies and knowledge that can be put to use right after the class concludes. All exercises are based on O365 and Azure Cloud and performed in a realistic environment prepared by CQURE Experts.

During the first day the group will cover key Microsoft 365 Defender for Endpoint concepts, including an overview of the EDR and its best deployment strategies, as well as automation with ServiceNow and 3rd parties.

The next day covers everything you need to know on the Microsoft 365 Defender Stack, including practical features of Microsoft Defender for Identity, Microsoft Defender for Cloud Apps, Microsoft Defender for Cloud, Microsoft Defender for Server.

The final day of the training is a deep dive into advanced threat hunting. We will also cover the hacker’s perspective and how adversaries may try to hide malware and avoid detection by the EDR. We will run numerous attack scenarios and explore how they can be detected and remediated to keep our systems secure.

This course is ideal for:

SOC analysts, Enterprise administrators, infrastructure architects, security professionals, systems engineers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security.

To attend this training, you should have good hands-on experience in administering Windows infrastructure and a basic understanding of public cloud concepts (Office 365, Azure).

Unique exercises:

All exercises are based on O365 and Azure Cloud. During the course our finest specialists will use their unique tools, practical exercises and presentations slides with notes.

Platform and Technical Requirements:

To participate in the course you need a stable internet connection. For the best learning experience we also need you to have a webcam, headphones and a microphone. We will set up a secure Zoom classroom for every day of the course – we will send you a safe link to join the conference by e-mail.

Certification:

What is wonderful about our certification is that it is lifetime valid with no renewal fees – the technology changes, but fundamentals and attitude remain mostly the same. Our Virtual Certificates, which entitle you to collect CPE Points, are issued via Accredible.

COURSE FORMULA

Remote Delivery

We are Experts in remote delivery. In the past year, we have organized over 200 days of trainings and we have tested many solutions. The experience remains the same as in the case of face-to-face trainings – a personalized, practical training with a lot of interaction between you and the instructor.

Practical Exercises

You will be carrying out practical exercises on O365 and Azure Cloud.

COURSE SYLLABUS

Module 1

Microsoft 365 Defender for Endpoint – EDR

  1. Intro 101 to Microsoft Defender ecosystem
  2. EDR deployment strategies
  3. EDR installation and configuration
  4. Fine tuning and hardening of EDR configuration
  5. Managing and Maintaining Security Posture
  6. Troubleshooting Common Issues
  7. Automation with ServiceNow and 3rd party

Module 2

Integration with Defender Family

  1. Microsoft 365 Defender Stack Overview
  2. Microsoft Defender for Identity
  3. Microsoft Defender for Cloud Apps
  4. Microsoft Defender for Cloud
  5. Microsoft Defender for Server
  6. EDR integration with Microsoft Azure Sentinel

Module 3

Security Operations with Microsoft EDR (Defender for Endpoints): Advanced Threat Hunting with Defender

  1. EDR integration with Microsoft Azure Sentinel
  2. Security Operations best practices with Microsoft EDR and Sentinel
  3. How to manage Incidents inside EDR and Sentinel
  4. Kusto language 101 – basic and advanced queries
  5. Advanced Hunting
  6. Hacker ways to hide malware and bypass EDR
  7. External Attack Surface Management and integration with Sentinel

YOUR TEACHER

Piotr Pawlik

Cybersecurity Expert, Trainer, former Microsoft MVP Exchange Server

Piotr Pawlik is a former Microsoft Most Valuable Professional in the Exchange Server category, CQURE’s Cybersecurity Expert, System Engineer and Unified Communications Expert with experience in design, implementation, and support for Microsoft solutions. During his work for Orange Business Services, Piotr was responsible for planning and deployment of security solutions for the biggest customers in Poland (insurance, banking, education and government sectors) and many customers located in Europe. Piotr’s main areas of expertise are: Microsoft Private Cloud (Hyper-V virtualization and System Center 2012), Microsoft Public Cloud (Office 365 and Azure), Microsoft Exchange Server 2010/2013, Lync Server 2010/2013, Office Communications Servers and Windows Server family. His additional experience includes disaster recovery, capacity planning, virtualization and business continuity. He has excellent problem-solving and interpersonal skills.

Our students say…

“All of their classes are based on their real world experience with the products, not just the typical Official Curriculum style classes that teach you things for an exam, but that you never use. You’ll find that all of the material you’ll learn in the class will be used, at some point, in your security career.”

Jack Perry

Security Principal Consultant - Presido

“Totally professional, total great stuff, in-depth knowledge and a perfect Learning Atmosphere! I like it! Thanks so much for sharing your experience and knowledge!”

Martin Weber

CTO - IT.INNOVATION.4U

“I have attended CQURE’s training as someone who is not a security professional, but just an enthusiast, and I feel like I learned A LOT. The whole training was loaded with information and nice demos of the latest technologies. On top of that — having an opportunity to ask and talk to professionals was priceless.”

Marek Chmel

SQL SERVER DBA - AT&T
