Threat Protection and Incident response with Microsoft Sentinel within Unified Platform

Last Updated 13 Mar 2026

Course Overview

Learn how to implement end-to-end threat protection and incident response using the new unified Microsoft Defender portal. This course equips technical teams to deploy, investigate, automate, and integrate Microsoft Sentinel with Microsoft’s security suite—using a single, streamlined SecOps experience enhanced by AI, UEBA, SOAR, and Security Copilot.

Duration - 8 Hours

Level - Intermediate

Style - Self paced

Course Type - Project Ready with Labs

Certification - No

Hands on Labs - Yes

Solution Areas - Security, Modern SecOps with Unified Platform

ESI Course Code - DW-360

Course Modules

Threat Intelligence in Microsoft Sentinel

This module introduces modern SOC operations and the evolving threat landscape using Microsoft Sentinel. It also covers deployment, integrations with Microsoft Defender, and threat intelligence capabilities.

Investigation in Microsoft Sentinel

This module introduces watchlists and User and Entity Behavior Analytics to detect anomalous activities. It also covers enabling and investigating security insights using UEBA.

Automation and response with Microsoft Sentinel

This module introduces SOAR capabilities in Microsoft Sentinel, including automation with playbooks and Azure Logic Apps. It also covers threat detection, data analysis, and threat hunting using Microsoft Defender.

Integration with other Security Solutions

This module covers integrating Microsoft Defender for Cloud and Microsoft Defender XDR with Microsoft Sentinel for unified security operations. It also explores access control and migration considerations.

Security Copilot and Unified SOC

This module introduces Microsoft Security Copilot for SOC operations, including incident investigation and AI-powered security insights. It also covers Security Copilot agents, the Security Store, and managing unified SOC operations in the Microsoft Defender portal.

Post-training Skills Assessment

Take this assessment to validate the skills you gained in this self-paced online course and to mark your completion.

Course Completion Survey

Share your feedback with us regarding your experience!
