Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
- Connect on-premises servers, AWS accounts, and GCP projects to Microsoft Defender for Cloud to extend unified security coverage across a hybrid and multicloud estate. Learn how federated authentication secures connector access, plan connector strategy, and configure native connectors for AWS and GCP.
After completing this module, you'll be able to:
- Explain the multicloud connectivity model in Defender for Cloud, including how federated authentication works for AWS and GCP connectors
- Plan a connector strategy for hybrid and multicloud environments, including scope, scan interval, and required permissions per environment type
- Connect on-premises machines to Defender for Cloud using Azure Arc-enabled servers
- Connect AWS accounts to Defender for Cloud using the native cloud connector and CloudFormation template
- Connect GCP projects to Defender for Cloud using the native cloud connector and GCloud deployment script
- Verify multicloud connectivity health and confirm CSPM and CWPP coverage surfaces across connected environments
- Learn to use Cloud Security Posture Management (CSPM) in Microsoft Defender for Cloud to identify, prioritize, and trace security risks across Azure cloud and AI workloads — including attack path analysis and proactive risk hunting.
After completing this module, you will be able to:
- Differentiate Foundational CSPM and Defender CSPM plan capabilities, including AI security posture management features
- Interpret the Cloud Secure Score and security recommendations using the risk-based prioritization model in the Microsoft Defender portal
- Identify externally exploitable attack paths — including those targeting AI workloads — using attack path analysis
- Run graph-based queries in Cloud Security Explorer to proactively discover security risks across Azure environments
- Use Microsoft Defender External Attack Surface Management (EASM) to discover unknown internet-facing assets, analyze attack surface dashboards, and integrate outside-in findings with Defender CSPM for attack path analysis.
After completing this module, you'll be able to:
- Explore EASM features and capabilities, including asset types, asset states, and how outside-in scanning differs from other Defender tools
- Configure asset discovery using seeds to identify unknown internet-facing infrastructure and asset connections
- Use EASM dashboards to prioritize vulnerabilities and security hygiene risks across your attack surface
- Integrate EASM findings with Defender CSPM to analyze attack paths starting from internet-exposed resources
- Learn to use Microsoft Defender for Cloud to assess, investigate, and report on compliance posture against security frameworks including the Microsoft Cloud Security Benchmark, regulatory standards, and custom standards.
After completing this module, you will be able to:
- Explain how compliance standards, controls, and assessments work in Defender for Cloud — including the role of the Microsoft Cloud Security Benchmark
- Navigate the regulatory compliance dashboard to identify and investigate failing compliance controls
- Assign regulatory compliance standards to Azure subscriptions and manage compliance scope in the Azure portal
- Generate compliance reports and communicate posture using audit downloads, compliance workbooks, and Microsoft Purview Compliance Manager
- Learn to enable and configure Cloud Workload Protection Platform (CWPP) plans in Microsoft Defender for Cloud, including Defender for Servers, Storage, Databases, APIs, and AI Services — and how to deploy protection at scale and verify coverage.
After completing this module, you will be able to:
- Identify the CWPP plans available in Defender for Cloud and explain what workloads each plan protects — including Defender for AI Services and Defender for APIs
- Enable workload protection plans at the subscription level using Environment Settings in the Azure portal
- Configure Defender for Servers (Plan 1 vs. Plan 2) and Defender for Storage sub-settings for your protection requirements
- Deploy protection plans at scale using management groups and Azure Policy, and verify plan coverage using the Coverage workbook
- Configure Microsoft Defender Vulnerability Management (MDVM) for Azure VMs by selecting scanning methods, enabling assessment at subscription and machine scope, managing findings with disable rules. Then you can apply Plan 2 premium capabilities including security baselines assessment and application blocking.
After completing this module, you'll be able to:
- Explore how Microsoft Defender Vulnerability Management integrates with Defender for Servers Plan 1 and Plan 2 to provide agent-based and agentless vulnerability scanning for Azure VMs
- Configure vulnerability scanning for Azure VMs at subscription and machine scope using Defender for Cloud Environment Settings
- Review vulnerability findings, interpret CVE and severity data, and create disable rules to manage accepted risks in the Defender portal
- Apply Defender for Servers Plan 2 premium capabilities—security baselines assessment and application blocking—to enforce VM security posture
