1. Home
  2. Implement with impact Protect cloud, AI Platform and Apps by implementing Defender for Cloud

Implement with impact Protect cloud, AI Platform and Apps by implementing Defender for Cloud

Enroll On-demand
Last Updated Oct 2025

Course Overview

Microsoft Defender for Cloud is a cloud-native application protection platform (CNAPP) with a set of security measures and practices designed to protect cloud-based applications from various cyber threats and vulnerabilities. Learn how to implement a development security operations (DevSecOps) solution that unifies security management at the code level across multicloud and multiple-pipeline environments. Learn how to enable a cloud security posture management (CSPM) solution that surfaces actions that you can take to prevent breaches and a cloud workload protection platform (CWPP) with specific protections for servers, containers, storage, databases, and other workloads.

Target Audience - Project Ready

Suggested Certification - No

Hands on Labs - Yes

ESI course code -

Duration - 12 hours

Level - Intermediate

Course Modules

Cloud Security Posture Management

Introduction to Zero Trust

Introduction to Microsoft Defender for Cloud

CNAPP strategy

Microsoft Defender Cloud Security Posture Management

Cloud Workload Protection

Cloud security challenges

Microsoft Defender Cloud Workload Protection

Overview of

Defender for Servers​​ - 30 min

Defender for Containers​​ - 30 min

Protect Cloud Databases​​ - 30 min

Defender for Storage​​ - 30 min

Interactive Simulated Lab Experience

Enabling Microsoft Defender for Cloud

Enabling Microsoft Defender for SQL

Enabling Microsoft Defender for open-source relational databases

Enabling Microsoft Defender for Storage accounts

Managing VM access and enabling JIT access

Cloud Workload Protection

Microsoft Defender for APIs​​ - 30min

Application Infrastructure Protection – 30 min

Data Security Posture Management

Automatic discovery

DSPM in Defender CSPM

Attack Path Analysis and Scenarios

Cloud Security Explorer

Data sensitivity settings

Pricing Defender for Cloud (BCB)

Pricing for Cloud Security Posture Management

Pricing for Cloud Workload Protection

Policy Management of MDC

Security policies and recommendations

Identifying and analyzing risks across your environment

Overview of Security alerts and incidents

Interactive Simulated Lab Experience

Improving your regulatory compliance

Investigating the health of your resources

Managing security policies

Applying Azure security baselines to machines

Building a query with the cloud security explorer

Assessing, investigating and responding to security alerts

Secure your AI Applications

Landscape and MDC overview

AI security posture

Threat protection for AI

Integration with Microsoft Sentinel and Data lake

Security alerts and Incidents

Microsoft Sentinel

Integration with Microsoft Sentinel

Defender for DevOps

Managing your DevOps environments

Connecting DevOps environments

External Attack Surface Management

Defender EASM

Discovery

Inventory

Security Copilot in Defender for Cloud

Cloud security challenges

How Security Copilot works

Security Copilot in Defender for Cloud

Defender for Threat Intelligence

Defender TI Capabilities

How Defender TI works

Interactive Simulated Lab Experience

Connecting your Azure DevOps repositories

Creating a Microsoft Defender EASM Azure resource

Discovering your attack surface

Gathering vulnerability intelligence

Using Security Copilot standalone portal to get threat intelligence

Connecting to Microsoft Sentinel to Analyze Security Alerts

Course Prerequisites

  • Familiarity with networking, virtualization, identity and security