Training Course Mastering Threat Analysis and Response in Microsoft 365 and Azure
- Price
- Duration
- Number of hours
Each session will take place even if only one person is registered (except in cases of force majeure).
Description of the Training Course Mastering Threat Analysis and Response in Microsoft 365 and Azure
In a context of widespread digital transformation, Microsoft 365 and Azure services have become the foundation of business communications, productivity and infrastructure. They are also high-value targets for attackers, who exploit identity weaknesses, configuration drift and lack of monitoring to compromise organisations of all sizes.
Format
Remote (recorded sessions).
GOOD TO KNOW
This training course includes numerous exercises (60% practical) to enhance learning. Each session will take place even if only one person is registered (except in cases of force majeure). A preliminary interview is held between the participant and/or a company representative in order to fully assess the participant’s profile (level, needs, professional context, challenges, etc.).
Assessment : during the training course, the trainer assesses the participants’ progress through multiple-choice questions, role-playing exercises and practical work. Participants receive a certificate of completion at the end of the training course.
This training course is part of our Cybersecurity Training. Discover our other cybersecurity courses to strengthen your IT system protection against current threats.
This training course is also part of our Cloud Computing Training. Discover our other cloud trainings to master architectures, services and best practices on AWS, Microsoft Azure, VMware and Google Cloud Platform.
objectives of the Training Course Microsoft 365 and Azure
By the end, each participant will be able to :
- Understand the roles and responsibilities of a SOC analyst on Microsoft
- Deploy and configure Microsoft Defender for Endpoint, Identity, Office 365, and Cloud Apps
- Use Microsoft Sentinel to collect, correlate, and investigate alerts
- Perform guided investigations, define detection rules (KQL), manage incidents
- Create automated playbooks for threat response
Prerequisites for the Training Course Microsoft 365 and Azure
- Knowledge of the fundamentals of Microsoft 365/Azure
- Basic understanding of IT security, SIEM, incidents, and logging
- Because each participant is unique, a personalised interview with our expert allows us to design a training course that is perfectly aligned with their objectives, level and professional challenges.
Target Audience
SOC analysts, Microsoft 365/Azure administrators, consultants, or anyone wishing to develop their skills in active defence in Microsoft environments.
Detailed of the Training Course Mastering Threat Analysis and Response in Microsoft 365 and Azure
Introduction to Microsoft cybersecurity and the role of a SOC analyst
Overview of Microsoft security tools, Blue Team roles, MITRE ATTACK, monitoring architecture.
Microsoft Defender for Endpoint and Identity
Deployment, configuration, alerts, behavioural detection, local investigation, automated remediation.
Microsoft Defender for Office 365 and Cloud Apps
Analysis of Defender for Office 365, Cloud Apps (MCAS), DLP policies, access alerts, and user behaviour.
Microsoft Sentinel (SIEM/SOAR)
Architecture, data connectors, KQL analysis, investigation, investigation log, incident management.
Automate threat response
Playbooks with Logic Apps, automatic enrichment, rule-driven response, automation scenarios.
The advantages of this training course
This training course :
- Includes practical exercises in simulated environments (labs) to effectively build skills
- Combines hands-on experience with Microsoft tools + defence strategy and real-world investigation
- Suitable for SOC Analysts at levels 1 to 2 in Microsoft 365 or hybrid contexts
FAQ – Microsoft 365 and Azure Training
What is the difference between Microsoft 365 and Azure?
Microsoft 365 is the productivity SaaS suite — Office apps, Teams, SharePoint, Exchange, OneDrive, Microsoft Entra, Intune, and security/compliance services bundled for end users. Azure is the public cloud platform — IaaS and PaaS for hosting infrastructure, applications, databases, AI services, and integrations. They share Microsoft Entra for identity and increasingly converge in security and AI products. MFE-IT trains IT teams on understanding and operating both platforms together.
How do Microsoft 365 and Azure work together?
Microsoft 365 and Azure share Microsoft Entra ID for identity (single sign-on across all services), unified security with Microsoft Defender, governance via Microsoft Purview, and increasingly common admin experiences. Azure can host custom apps that consume Microsoft 365 data via Microsoft Graph and trigger workflows in Power Platform. The MFE-IT Microsoft 365 and Azure training covers concrete integration patterns.
Should I learn Microsoft 365 or Azure first?
It depends on your role: end-user or business support roles benefit from starting with Microsoft 365 (Teams, Exchange, SharePoint); developers or infrastructure professionals usually start with Azure (compute, networking, identity, DevOps). Either is valuable as long as you eventually broaden to the other half. Through MFE-IT’s hands-on approach, learners explore both platforms with role-appropriate depth.
Is Microsoft Entra part of Azure or Microsoft 365?
Microsoft Entra (formerly Azure Active Directory) is the identity service shared by both Microsoft 365 and Azure. Historically branded as part of Azure, it is now positioned as the cross-cloud identity platform underpinning Microsoft’s whole cloud ecosystem. Our MFE-IT training course on Microsoft 365 and Azure clarifies how Entra connects all the pieces and how to administer it efficiently.
Would you like to know about upcoming sessions ?
Would you like to schedule this training course on a specific date ? Contact us by email or by filling out the contact form.