Security Solution Area
Purpose
A Collection of resources for Microsoft practice building in the Security solution area. For a view of other solution areas, please see the Taxonomy.
To contribute to the PartnerCrucible, see Contributor’s Guide.
Industry Perspective
| Source | Description | Notes |
|---|---|---|
| A new world of security: Microsoft’s Secure Future Initiative | Secure Future Initiative (SFI) - This new initiative will bring together every part of Microsoft to advance cybersecurity protection. It will have three pillars, focused on AI-based cyber defenses, advances in fundamental software engineering, and advocacy for stronger application of international norms to protect civilians from cyber threats. | Microsoft Blog |
| Microsoft Digital Defense Report 2024 | Microsoft’s unique, expansive, and global vantage point gives us unprecedented insight into key trends in cybersecurity affecting everyone from individuals to nations. The spectrum of security signals we see is further enhanced by the diversity of our customers and partners, including governments, enterprises large and small, consumers, and gamers. | Microsoft |
| The Cost of Inaction | A CISO’s guide to getting the board of directors to invest in cybersecurity | |
| 2023 MITRE Engenuity ATT&CK® Evaluations | For the fifth consecutive year, Microsoft 365 Defender demonstrated industry-leading extended detection and response (XDR) capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. | MITRE |
| Forrester Wave™: Zero Trust Platform Providers | Q3 2023 - Microsoft is proud to be recognized as a Leader in the Forrester Wave™: Zero Trust Platform Providers, Q3 2023 report | Forrester |
| Forrester Wave™: Workforce Identity Platforms | Q1 2024 - Forrester has recognized Microsoft as a Leader in the Forrester Wave™: Workforce Identity Platforms, Q1 2024 report. | Forrester |
| Microsoft is again named the overall leader in the Forrester Wave for XDR | Microsoft has been named a leader in The Forrester Wave: Extended Detection and Response (XDR) platforms, Q2, 2024, with the highest scores in the strategy, current offering, and market presence categories. | Forrester |
| Magic Quadrant™ for Access Management | 2024 Gartner® Magic Quadrant™ recognition validates our commitment to delivering a comprehensive, AI-powered and automated identity portfolio to customers, with Microsoft Entra | Gartner |
| Microsoft Entra ID named leader in KuppingerCole’s Access Management Leadership Compass | Microsoft has been recognized as an overall leader in Access Management, as we view identity as the trust fabric for the digital ecosystem, a critical ground zero from which all downstream interactions originate and rely on. | Tech Community |
| Microsoft Defender for Office 365 gets highest rating in SE Labs Enterprise Email Security Services test for Q1 2023 | n the SE Labs report, Microsoft Defender for Office 365 received the AAA Protection Award | Blog |
| Microsoft recognized as a Leader in The Forrester Wave™: Data Security Platforms, Q1 2023 | Forrester listed Microsoft as a Leader in its 2023 Wave™ for Data Security Platforms. The Forrester Wave™ report evaluates the data security platform market and provides a detailed overview of the current offering, strategy, and market presence of these vendors. Microsoft received the highest possible score in the current offering category for data classification, data threat and risk visibility, data masking or redaction, encryption, rights management, privacy use cases, and integrations for Zero Trust criteria; and in the strategy category for the product vision, execution roadmap, and community engagement criteria. | Forrester |
| 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms | #Microsoft a #Leader in the 2023 Gartner® Magic Quadrant™ for Endpoint Protection Platforms. | Gartner |
| The Partner Opportunity For Microsoft Security | A Total Economic Impact™ Partner Opportunity Analysis | Forrester July 2024 |
| 2022 Magic Quadrant for Endpoint Protection Platforms | Microsoft is named a Leader in the 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms | Gartner |
| Security Insider | Includes thread briefs, reports, behind the scenes, and threat actor insights | Security Insider |
| Security Blog | Official Microsoft Security Blog | … |
| MISA | The Microsoft Intelligent Security Association (MISA) is an ecosystem of independent software vendors and managed security service providers that have integrated their solutions to better defend against a world of increasing threats | The Microsoft Intelligent Security Association (MISA) |
| Implementing a Zero Trust Architecture | Since 2022, the NCCoE has collaborated with 24 vendors, including Microsoft, on developing a practice guide with practical steps for organizations eager to implement cybersecurity reference designs for Zero Trust. Zero Trust principles include assuming compromise (assuming breach) to drive a holistic and practical security approach, verifying trust explicitly before granting access to assets, and limiting the blast radius by granting the least privilege necessary. | NIST |
| Microsoft Zero Trust Cpapability Mapping to NIST ZT Architecture | diagram to showcase a mapping of all the MS security products to the architecutre. | Microsoft |
| Microsoft Ignite 2024 - Book of News - Security | Key announcements from Ignite 2024 in the areas of : Exposure Management, Microsoft Puview, Copilot for Security, Intune, Entra, and Defender | Microsoft Ignite |
Community
| Source | Description | Notes |
|---|---|---|
| Security, Compliance, and Identity | Microsoft Tech Community for Security, Compliance, and Identity | Tech Community |
| Customer Connection Programs | This form is used for accessing the following communities: Cloud Security Customer Connection Program, Microsoft 365 Defender Customer Connection Program, Management Customer Connection Program, Microsoft Entra Advisors | Microsoft Community |
| Afternoon Cyber Tea with Ann Johnson | Ann Johnson, Corporate Vice President, Business Development, Security, Compliance & Identity at Microsoft, talks with cybersecurity thought leaders and influential industry experts about the trends shaping the cyber landscape and what should be top-of-mind for the C-suite and other key decision makers. Ann and her guests explore the risk and promise of tools and systems powered by AI, IoT, machine learning, and other emerging technology, as well as the impact on how humans work, communicate, consume information, and live in this era of digital transformation. Please note, the opinions expressed by guests on this podcast are their own and are not endorsed by, nor do they necessarily reflect opinions of, Microsoft or Ann Johnson. | Spotify |
| Get Security Done (GSD) | Looking to collaborate on helping Customers and Partners uplift Security via the Microsoft Defender Suite | from @dcaddick |
| My Faber Security | Security, Compliance, and Identity blogs, focusing on Microsoft Security offerings. | from @AngelicaFaber |
| Rod’s Blog | Microsoft Security and AI with lots of Microsoft Sentinel Sprinkled in. This is not an official Microsoft blog. | Blog |
| Must Learn AI Security | This is the book version of the Must Learn AI Security series. It will be updated each time a new part of the series is released. | GitHub |
| Entra.News | Entra.News is a weekly newsletter of the latest Microsoft Entra related news, blog posts and videos from Microsoft, MVPs and infosec experts, curated by Merill Fernando. | Entra.News |
Partner Practice Building
| Source | Description | Notes | |
|---|---|---|---|
| Security Partner Playbook | Describes Microsoft GTM Strategy, Solution Plays, Partner Priorities, and Key Resources | Partner FY24 | |
| The Partner Opportunity For Microsoft Security | Microsoft commissioned Forrester Consulting to conduct a Total Economic Impact™ (TEI) study to examine how partners can benefit from investing in and expanding their Microsoft security practices for both small and medium-sized businesses (SMBs) and enterprise customers. “Microsoft security” is a broad term that encompasses all products and services across six product families: Microsoft Defender, Microsoft Sentinel, Microsoft Entra, Microsoft Intune, Microsoft Purview, and Microsoft Priva. | Foresster 2023 | |
| Microsoft Security Community | Join Our Microsoft Security Community | Want to help defend the world against cyber attacks? We want you to influence our designs, plans, and guidance so we can have a global impact together. That’s why we need your participation in our security community | Community |
| Investing in MXDR partner success | Demand for managed extended detection and response (MXDR) services is on a fast growth trajectory. Today, more than 860,000 organizations use Microsoft security products,1 and according to Gartner, more than 60 percent of organizations will be using managed detection and response (MDR) services for threat monitoring, detection, and response functions that offer threat containment and mitigation capabilities by 2025.2 Partners play a critical role in addressing this incredible customer demand, and Microsoft is investing in your ability to meet this coming need. | Transform | |
| Microsoft Defender XDR + Sentinel Deployment Guide | by @RayReyes - paper to include deployment guidance for Microsoft hashtag#Sentinel and a few updated sections. Highlighting of Copilot for Security. | ||
| Security, Compliance, & Identity Partner Sales Acceleration Program (PSAP) | This program offers best practices and presentation resources that will guide you in shaping a business-first sales model that focuses on the Microsoft Security, Compliance, & Identity solution area and its core sales plays. | Microsoft Partner | |
| Microsoft Managed Security Solutions Provider Partner Program | The Microsoft Managed Security Solutions Provider Partner Program is an invite-only program that has been created to support selected partners in creating customer intent to purchase and use Microsoft security technologies and solutions. | ||
| Security Sales Enablement Journey | Security Enablement journey is a 14 module On-demand videos of between 30 mins - 150 mins each intended to equip you with knowledge to support your customers security needs. You will learn more about industry concepts and Microsoft differentiators and how you can help your customers scale these processes to achieve a higher level of visibility and manageability while greatly reducing their risk. | April 2022 | |
| Security, Compliance, and Identity training and certifications | This guide has been created to provide training and certification options to achieve personal success. | ||
| Security Build Intent Workshop | Azure credits for customer workshop delivery Microsoft 365 & Security for Partners | … | |
| The Chief Information Security Officer (CISO) Workshop Training | The Chief Information Security Office (CISO) workshop helps accelerate security program modernization with reference strategies built using Zero Trust principles. | Microsoft Learn | |
| Microsoft Purview & Priva Partner Playbook | This playbook provides Microsoft Partners with guidance and resources to help build or expand their practice by offering data security, compliance, and privacy solutions. It is a packaged journey that will help you learn more about the Microsoft Purview and Priva product family and the opportunities for partners. You’ll find guidance on practice development, the skills your organization will require to be successful, and the tools to take your offerings to market. | ||
| Security Adoption Framework (SAF) | The Security Adoption Framework (SAF) provides guidance for organizations through end-to-end security modernization across a ‘hybrid of everything’ multicloud and multi-platform technical estate. | Microsoft Adoption | |
| Navigating the Maze of Incident Response | This guide explains how to structure an incident response, with recommendations and best practices to help navigate those crucial initial hours after a breach is detected. This document focuses first and foremost on the people and processes involved in effectively responding to an incident—the roles required to respond to incidents, how to manage your response in way that is efficient and people-centric, how to avoid burnout and ensure all requirements and obligations are met at every level, and how to ensure everyone’s roles and responsibilities are clear, so the incident response is effective overall | Microsoft Security | |
| Microsoft Incident Response Ninja Hub | This page includes a compilation of guides and resources that the Microsoft Incident Response team has developed on threat hunting, case studies, incident response guides, and more. Many of these pieces were also developed in collaboration with Microsoft’s partners across Microsoft Security, providing a unique view into how the Microsoft Security ecosystem leans on cross-team collaboration to protect our customers. | Tech Community |
Security and Compliance Certifications
| Source | Description | Notes |
|---|---|---|
| Security and Compliance Certifications | Overview Poster | Microsoft |
| Security and Compliance Training and certifications guide | Summary role-based training and certification guide | Microsoft |
| Security and Compliance Training Journey | Complete role-based training and certification journey map | Microsoft |
Architecture
| Source | Description | Notes |
|---|---|---|
| Microsoft Cybersecurity Reference Architectures | Includes latest products and names and integrates the Microsoft Security Adoption Framework (SAF). Includes past diagrams, context on how these capabilities fit into an end to end security architecture and several vendor neutral diagrams that can be used immediately by any organization. The MCRA also includes Zero Trust models for NIST and Open Group and the mapping of Microsoft capabilities to help you plan those initiatives. @Mark Simos | Microsoft |
| DevSecOps | From the Azure Architecture Centre > Solution Ideas | |
| Demystifying Service Provider’s Access Methods | Recommended practices for service providers | Webinar |
| Conditional Access gap analyzer workbook | With the Conditional Access gap analyzer workbook, you can detect gaps in your Conditional Access implementation. | Microsoft Learn |
XDR
| Source | Description | Notes |
|---|---|---|
| Microsoft Defender XDR Blog | Includes monthly news summaries and operations insights across the Microsoft Defender Products | Microsoft |
Zero Trust
| Source | Description | Notes |
|---|---|---|
| Zero Trust partner kit resources | Helping our partners and customers design, architect, and deploy security solutions is important. These top-requested Zero Trust resources are available for you to use with your own organization and customers. | Microsoft Learn |
| Learn How to Implement Zero Trust in Your Public Sector Organization | In this collection, learn more about the importance of a Zero Trust strategy and how to implement it. | Microsoft Learn Collection |
| Microsoft Zero Trust Workshop | A comprehensive technical guide to help customers and partners adopt a Zero Trust strategy and deploy security solutions end-to-end to secure their organizations. | GitHub |
Azure
| Source | Description | Notes |
|---|---|---|
| Azure Network Security Ninja Training | In this blog post, we will walk you through basic to advanced scenarios for Azure network security. Ready to become an Azure NetSec ninja? Dive right in! | Tech Community 2022 |
Copilot for Security
- See the Copilot for Security
-
Sentinel
- See the Sentinel page
Microsoft Lighthouse
| Source | Description | Notes |
|---|---|---|
| Use GDAP to set up least privilege access in Microsoft 365 Lighthouse | This post explains these improvements and guides you on how to use the Delegated access page to establish GDAP relationships with your customers | Tech Community |
| Clean up Inactive users with Microsoft 365 Lighthouse | Microsoft 365 Lighthouse makes it faster and easier than ever before for Managed Service Providers (MSPs) to manage users across customer tenants. This includes managing inactive users | Tech Community |
| Microsoft 365 Lighthouse for SMB Managed Services Providers (MSPs) | Introducing a new portal that will enable multi-tenant management of Microsoft 365 services by IT Partners – especially Managed Service Providers (MSPs) who serve small & medium-sized businesses (SMBs). | Nov 2020 |
| Microsoft 365 Lighthouse Demo | Microsoft 365 Lighthouse is an admin portal that helps Managed Service Providers (MSPs) secure and manage devices, data, and users at scale for small- and medium-sized business (SMB) customers who are using Microsoft 365 Business Premium | 2021 |
Microsoft Entra
| Source | Description | Notes | |
|---|---|---|---|
| Microsoft Entra Private Access | In this blog, we take a deeper look into Microsoft Entra Private Access | Tech Community | |
| Entra Private Access Preview | Activate the Global Secure Access preview, which includes Microsoft Entra Internet Access and Microsoft Entra Private Access. | Entra | |
| Demystifying Microsoft’s Entra Overhaul: Your Infographic Guide to End-to-End Updates, Capabilities & Additions | Summary and infographic | LinkedIn @SamehYounis | |
| Reimagine secure access with Microsoft Entra | On-demand : Learn how to secure access for any identity to any resource, from anywhere. Hear announcements about Microsoft Entra innovations that redefine how to think about secure access. See demonstrations of the latest Microsoft Entra products and capabilities. Listen to deep-dive conversations between security leaders about preparing your identity and access strategy for what’s next | Info | |
| [Microsoft Entra | Security Service Edge solutions](https://www.youtube.com/playlist?list=PLXtHYVsvn_b8E_gEstbJKA_D1a8gocIhu) | YouTube Playlist - Includes Microsoft Entra Internet and Private Access videos | Microsoft Mechanics |
| Microsoft Entra Tech Accelerator: Part 1 of 2 | Entra ID Governance, Entra External ID. | Tech Community | |
| Microsoft Entra Tech Accelerator: Part 2 of 2 | Entra Internet Access, Entra Private Access. | Tech Community | |
| Days of the Defender: Identity & Access Management with Microsoft Entra | PArtner On-demand : Days of Defender - Identity & Access Management with Microsoft Entra Deep Dive. These Security depth workshops are intermediate to advanced technical sessions | ||
| Microsoft Entra sessions @ Build 2023 | Flagship event for developers, Microsoft Build is where industry disruptors, cutting-edge technologists, and the developer community come together to learn about new tech, share ideas, and get fueled with skills to build the future | Microsoft Build 2023 | |
| Microsoft Entra sessions @ Airlift 2022 | Airlift is an engineering-led event for deep dive technical training. | Microsoft Airlift |
Demos and Lab
| Source | Description | Notes |
|---|---|---|
| Woodgrove Groceries | WoodGrove Groceries is a live web application created by Microsoft to demonstrate several Azure AD B2C features. | |
| Woodgrove Employee | Azure AD demo | |
| XDR Cloud Guide | Detect and respond to modern attack with unified SIEM and XDR capabilities | Cloud Guides |
Microsoft Defender Threat Intelligence
| Source | Description | Notes |
|---|---|---|
| Microsoft Defender Threat Intelligence Ninja | This blog post will walk you through Microsoft Defender Threat Intelligence (Defender TI) level 400 training and help you become a Defender TI master. | Tech Community 2022 |
Defender External Attack Surface Management (EASM)
| Source | Description | Notes |
|---|---|---|
| Unlocking a 360° Cybersecurity View with Microsoft Defender EASM | Summary and infographic | LinkedIn @SamehYounis |
Defender for Microsoft 365
| Source | Description | Notes |
|---|---|---|
| Unlocking SIEM Capabilities: Microsoft 365 Defender Portal vs. Microsoft Sentinel - An In-Depth Comparison | Summary and infographic | LinkedIn @SamehYounis |
| Microsoft Sentinel and Microsoft 365 Defender | This repository contains out of the box detections, exploration queries, hunting queries, workbooks, playbooks and much more to help you get ramped up with Microsoft Sentinel and provide you security content to secure your environment and hunt for threats. The hunting queries also include Microsoft 365 Defender hunting queries for advanced hunting scenarios in both Microsoft 365 Defender and Microsoft Sentinel. | GitHub |
| Microsoft 365 Defender Demo | Using the integrated threat protection demo environment, this Microsoft 365 Defender Demo Guide walks field sellers through a content rich demo for customers showing the investigation of a simulated spear phishing attack and advanced hunting exercise. | .. |
| Microsoft Defender for Business | WEbinar series | … |
| Microsoft 365 Defender Ninja | his Ninja blog covers the features and functions of Microsoft 365 Defender – everything that goes across the workloads, but not the individual workloads themselves. The content is structured into three different knowledge levels, with multiple modules: Fundamentals, Intermediate, and Expert. | August 2022 |
| Microsoft 365 Defender multi-tenant support | Public preview for multi-tenant environments in Microsoft 365 Defender, which provides large organizations with the much-needed visibility and ease of use across their distributed environments | Tech Community |
Defender for Cloud
| Source | Description | Notes |
|---|---|---|
| Microsoft Defender for Cloud Apps open app connector platform | This article describes how SaaS app vendors can use the Defender for Cloud Apps open app connector platform to build connectors for their own apps. The codeless open app connector platform helps simplify connector development by avoiding extra coding and reducing integration time. | Microsoft Learn |
| Support matrices for Defender for Cloud | Describes Azure services and client operating systems that are supported by Microsoft Defender for Cloud. | Microsoft Learn |
| Microsoft Defender for Cloud | Will help you work programmatically at scale with Microsoft Defender for Cloud and provide you additional value to secure your environment, some of which has not yet been embedded into the product (yet). | GitHub |
| Become a Microsoft Defender for Cloud Ninja | This blog post has a curation of many Microsoft Defender for Cloud (formerly known as Azure Security Center and Azure Defender) resources, organized in a format that can help you to go from absolutely no knowledge in Microsoft Defender for Cloud, to design and implement different scenarios | Tech Community 2022 |
| Discover Which Generative AI Apps Are Used in Your Environment | Learn and configure your environment, step by step, while watching, to simply discover and control the use of Generative AI apps in your organization. This step-by-step video is meant to be followed as it plays along to help you easily setup the proper config and policies. | Microsoft Security Community YouTube |
Defender for Cloud Apps
| Source | Description | Notes |
|---|---|---|
| Microsoft Defender for Cloud Apps | This repository contains out of the box playbooks and scripts to help you automate scenarios with Cloud App Security, secure your environment and hunt for threats. | GitHub |
| Microsoft Defender for Cloud Apps Ninja Training | Microsoft Defender for Cloud Apps has hundreds of amazing videos available and it can sometimes be overwhelming with determining where to start and how to progress through different levels. We’ve gone through all these and created this repository of training materials - all in one central location! | June 2022 |
| Top Threat Protection use cases in Microsoft Defender for Cloud Apps | In this blog, we will showcase the top examples from each part of the threat protection landscape, to protect your organization from cloud apps threats, according to the following classifications: Prevent – SaaS Security Posture Management (SSPM), Detect – Business Email Compromise (BEC)scenario, Respond – Suspend user, Investigate – Investigate a compromised user | Sept 2022 |
Defender for Endpoint
| Source | Description | Notes |
|---|---|---|
| Microsoft 365 Defender | Defender Hunting Queries | GitHub |
| Defender for Endpoint Ninja Show | This training series is based on the Ninja blog and brings you up to speed quickly on Microsoft Defender for Endpoint. In every episode, our experts guide you through the powerful features and functions of Microsoft Defender for Endpoint that help you keep your environment secure. We start with the fundamentals and dive deeper as the show continues. | Starts May 2022 |
| Become a Microsoft Defender for Endpoint Ninja | ||
| Microsoft Defender for Endpoint client analyzer | Microsoft Defender for Endpoint client analyzer on supported Windows, macOS, and Linux Operating Systems. | Microsoft Learn |
| Optimizing endpoint security with Microsoft Defender for Endpoint’s flexible licensing options | This new preview capability, mixed licensing support, allows customers to use different Defender for Endpoint licenses on different devices, depending on their security needs, without having to set up multiple subscriptions. | Tech Community |
| MED for Digital Forensics & Incident Reponse (DFIR) | by @cyb3rmik3 (Michalis Michalos) - A curated set of resources for DFIR tools and techniques using Microsoft Defender for Endpoint (MDE) and the wider Microsoft Azure and Microsoft Defender environments | GitHub |
Defender for Identity
| Source | Description | Notes |
|---|---|---|
| Setup a Microsoft Defender for Identity security alert lab | The purpose of the Microsoft Defender for Identity Security Alert lab is to illustrate Defender for Identity’s capabilities in identifying and detecting suspicious activities and potential attacks against your network. | Microsoft Learn |
Defender for DevOps
| Source | Description | Notes |
|---|---|---|
| Remediating Infrastructure-as-Code Security Misconfigurations with Microsoft Defender for DevOps | By integrating Microsoft Defender for DevOps into Azure DevOps and GitHub environments, security teams and developers can now collaborate toward DevOps security posture management from code to cloud. Security teams can view the security hygiene of each repository, identifying which repositories contain critical IaC misconfigurations before the infrastructure is provisioned to production workloads | Tech Community |
| Detect exposed secrets in code | Defender for Cloud offers a solution by using secret scanning to detect credentials, secrets, certificates, and other sensitive content in your source code and your build output. | Microsoft Learn |
| Enable pull request annotations in GitHub and Azure DevOps | With Microsoft Defender for Cloud, you can configure PR annotations in Azure DevOps. You can get PR annotations in GitHub if you’re a GitHub Advanced Security customer. | Microsoft Learn |
Purview
| Source | Description | Notes |
|---|---|---|
| Purview Data Security Roadmap | PRuview roadmap of Information Protection, Compliance, Lifecycle, and Risk Management capabilities | M365 Roadmap |
| Notes from Microsoft Purview engineering | Prescriptive deployment guidance and articles from the Microsoft Purview engineering team. Learn more about deploying solutions across Microsoft Purview with the Purview deployment models, a content series featuring a simple visual of activities combined with a detailed guide. Feature playbooks are detailed feature guides to maximize their use. Articles provide more tips to maximize your use of Microsoft Purview. | Microsoft Learn |
| Crash Course in Microsoft Purview | Crash Course in Microsoft Purview - A guide to securing and managing your data estate | eBook |
| Implementing Zero Trust with Microsoft Purview | Microsoft Purview solutions can help you implement a Zero Trust security strategy | Microsoft Learn |
| Microsoft Purview One-Stop-Shop (OSS) | Deployment acceleration, notes from the field, jump starts, webinars from the Customer Acceleration Team (CAT) | GitHub |
| Data Governance and Compliance with Microsoft Purview - Tech Intensity Series | Extending the Purview name and bringing together data governance capabilities from Data & AI and compliance and risk solutions from Security into one product family, and rebranding to Microsoft Purview | August 2022 |
| Microsoft Purview Data Loss Prevention Ninja Training | There are several videos and resources out there and the overall purpose of the Microsoft Purview Data Loss Prevention Ninja training is to help you master this realm. We aim to get you up-to-date links to the community blogs, training videos, Interactive Guides, learning paths, and any other relevant documentation. | Tech Community |
| Creating Endpoint DLP Rules using PowerShell | This blog is a multi-part series on managing Endpoint DLP Rules using PowerShell: part 1, part 2 | Tech Community |
| Open source connector to investigate Microsoft Purview Data Loss Prevention | Step-by-step guided walkthrough of setting up the open-source, Microsoft Purview Data Loss Prevention (DLP) incident management solution for Microsoft Sentinel | Tech Community |
| Investigate Microsoft Purview Data Loss Prevention alerts in Microsoft Sentinel | Step-by-step guided walkthrough of the Microsoft Sentinel experience for Microsoft Purview Data Loss Prevention (DLP) incident management. This is based on the open-source connector | Tech Community |
| Data Loss Prevention: From on-premises to cloud | The purpose of this Microsoft-commissioned study was to delve into the data security landscape to find out how companies are managing and perceiving success of their DLP solutions. The goal of the study was to 1) uncover the top priorities and challenges facing organizations, 2) understand the evolution of firms’ DLP solutions as they address today’s shifting digital landscape, and 3) discover what barriers stand in the way of firms’ adopting cloud DLP solutions. | Microsoft Security |
| Gain flexibility and scale with a cloud-native DLP solution | Microsoft spoke to more than 300 data and compliance professionals to create the white paper “Data Loss Prevention: From on-premises to cloud.” We’ve presented some of the study’s highlights here, including common DLP states in use, challenges in migrating to a new DLP solution, best practices, and the benefits of adopting a cloud-native DLP solution. | Microsoft Security |
| Advanced hunting for Microsoft Purview Data Loss Prevention (DLP) incidents | This blog provides guidance on how to get started and leverage advanced hunting for Microsoft Purview DLP investigations. We are sharing sample queries for high value scenarios to help you get started. | Tech Community |
| Migrate your Symantec DLP policies to Microsoft Purview | The migration assistant is a Windows-based desktop application that helps migrate existing DLP policies from Symantec to Microsoft Purview DLP with minimal effort. The migration assistant supports policies for all workloads supported by Microsoft Purview DLP including Exchange Online, SharePoint Online, OneDrive for Business, Microsoft Teams, endpoint devices, and non-Microsoft applications. | Tech Community |
| Secure by default with Microsoft Purview | This guide is for administrators with knowledge of Microsoft Purview Information Protection, DLP, and Insider Risk Management and serves as the starting point for your deployment, recommended by the engineering team and describes high-level activities and deployment tips to help you plan an implementation. | Microsoft Learn |
| New Microsoft Purview features help protect and govern your data in the era of AI | Microsoft Purview Data Security Posture Management, data security and security operations center integration, Protecting data and preventing sensitive data loss, Data Governance innovations to drive greater business value, templates in Compliance Manager to help simplify compliance, controls for ChatGPT Enterprise with integration with OpenAI for improved compliance , Data Security Posture Management for AI, controls for Microsoft 365 Copilot help prevent data oversharing, capabilities to detect risky activities in Microsoft 365 Copilot, capabilities for agents built with Microsoft Copilot Studio | Security Blog |
Microsoft Purview Information Protection Ninja
| Source | Description | Notes |
|---|---|---|
| Microsoft Purview Information Protection Ninja Training | Microsoft Purview Information Protection (formerly Microsoft Information Protection-MIP) | Tech Community |
| Microsoft Purview Data Loss Prevention Ninja Training | Microsoft Purview Data Loss Prevention Ninja training | Tech Community |
Purview Data Lifecycle and Records Management
| Source | Description | Notes |
|---|---|---|
| Purview Data Lifecycle and Records Management Ninja | Microsoft Purview Data Lifecycle Management and Microsoft Purview Records Management help to govern your Microsoft 365 data for compliance or regulatory requirements. | Tech Community |
Compliance Ninja
| Source | Description | Notes |
|---|---|---|
| Become a Microsoft Priva Ninja | We have compiled several videos, document guides, and other resources to aid users in mastering the Microsoft Priva Ninja training realm. Our goal is to get you the most current links to the community blogs, training videos, Interactive Guides, learning paths, and any other relevant documentation. | Tech Community |
| M365 Compliance One-Stop-Shop (OSS) | We built this page to help you easily find all relevant content and resources relating to the Microsoft Purview solutions. Please bookmark this page for future reference as we will update it on an ongoing basis. Also, do submit your feedback and contributions to the site via the appropriate links. | From Customer Acceleration Team (CAT) |
| Become a Microsoft 365 Advanced eDiscovery Ninja | In this blog post, we share the top resources for eDiscovery users to become masters of the Microsoft Purview eDiscovery Premium solution! After each level, we offer you a knowledge check based on the training material you have just completed. The goal of the knowledge checks is to help ensure understanding of the key concepts that were covered | TechCommunity |
| Microsoft Purview Information Protection Ninja | Have you been wanting to figure out the best way to protect data? How about figuring out what is in your environment? Struggling to let others know you’ve completed your training? Well, wait no longer! Our MIP Ninja Training is here! | Tech Community |
| Microsoft Defender for Cloud Apps | Microsoft Defender for Cloud Apps has hundreds of amazing videos available and it can sometimes be overwhelming with determining where to start and how to progress through different levels. We’ve gone through all these and created this repository of training materials - all in one central location! | June 2022 |
| Compliance Manager Ninja | We’ve sifted through the vast resources Microsoft has to offer for MSCM and developed this training to guide you – all in one location, in a simple easy to follow format! If there is anything we can do to improve this training, please do not hesitate to leave a comment below and we will be sure to review it. | Feb 2022 |
| Insider risk Insider Risk Management Ninja | In this Ninja page, we share the top resources for Insider Risk Management users to become more proficient with the Microsoft Purview Insider Risk Management solution. | April 2022 |
| Communication Compliance Ninja | In this Ninja page, we share the top resources for Communication Compliance users to become more proficient with the Microsoft Purview Communication Compliance solutio | April 2022 |