- Microsoft 365 threat protection
- Mitigate incidents using Microsoft 365 Defender
- Protect your identities with Microsoft Entra ID Protection
- Remediate risks with Microsoft Defender
- Safeguard your environment with Microsoft Defender for Identity
- Secure your cloud apps & services with Microsoft Defender for Cloud Apps
- Respond to data loss prevention alerts using Microsoft 365
- Manage insider risk, Investigate threats by using audit features in Microsoft Defender XDR & Microsoft Purview, & Investigate threats with Content search in Microsoft Purview
- Protect against threats, Deploy the Microsoft Defender for Endpoint environment
- Windows security enhancements, Perform device investigations, actions on a device & evidence and entities investigations, Configure & manage automation, Configure for alerts and detections & Utilize Vulnerability Management in Microsoft Defender for Endpoint
- Workload protections, Connect Azure assets & non-Azure resources, Cloud security posture management, Cloud workload protections & Remediate security alerts using Microsoft Defender for Cloud
- Construct KQL statements for Microsoft Sentinel
- Analyze query results & Build multi-table statements using KQL
- Work with data in Microsoft Sentinel using Kusto Query Language
- Create & manage Microsoft Sentinel workspaces
- Query logs, Watchlists & Utilize threat intelligence in Microsoft Sentinel
- Connect data to Microsoft Sentinel using data connectors
- Connect Microsoft services & Defender XDR, Windows hosts & Common Event Format logs & syslog data sources, & Connect threat indicators to Microsoft Sentinel
- Threat detection with Microsoft Sentinel analytics
- Automation & threat response & Security incident management in Microsoft Sentinel
- Identify threats with Behavioral Analytics
- Data normalization, Query, visualize, and monitor data in Microsoft Sentinel
- Manage content & threat hunting, Use Search jobs & Hunt for threats using notebooks in Microsoft Sentinel