Task 1: Creating Microsoft Purview Account
Task 2: Setting Custom DLP policies for Microsoft Copilot for Security
Task 3: Creating an alert in Microsoft Teams
Task 1: Creating Microsoft Purview Account
In Microsoft Azure portal search bar, type Microsoft Purview accounts, then navigate and click on Microsoft Purview accounts under Services. In the Microsoft Purview accounts page, click on + Create. In the Create Microsoft...
Create a Multi-Stage Incident in Microsoft Defender
In this lab, participants installed Git on testvm1 and executed malicious documents and scripts, including a ransomware attack via RanSim. The actions taken create a multi-stage incident for future analysis using Microsoft Copilot for Security. Participants reviewed protection actions and recommendations from Windows Security regarding quarantined and blocked threats.
Connecting Microsoft Sentinel in Microsoft Defender Portal for Threat Hunting, Triage, Investigation, and Response
Introduction
Microsoft Sentinel's Microsoft Defender XDR incident integration allows you to stream all Microsoft Defender XDR incidents into Microsoft Sentinel and keep them synchronized between both portals. Incidents from Microsoft Defender XDR include all associated alerts, entities, and relevant information, providing you with enough context to perform triage and preliminary investigation in Microsoft Sentinel. Once...
Setting Up the Environment for Microsoft Copilot for Security
The Microsoft Defender portal serves as a centralized hub for managing security across an organization, integrating protection, detection, investigation, and response capabilities. Key components include:
Microsoft Defender for Office 365: Secures email and Office 365 resources.
Microsoft Defender for Endpoint: Provides protection and detection for devices.
Microsoft Defender for Identity: Identifies and investigates threats using...