Microsoft 365 Defender is an integrated, cross-domain threat detection and response solution. It provides organizations with the ability to prevent, detect, investigate and remediate sophisticated cross-domain attacks within their Microsoft 365 environments.
To help you get started with Microsoft 365 Defender and take advantage of its capabilities we’ve compiled a series of short videos. These will walk through the key product features and show you how to apply them to your business today.
We’re constantly adding new capabilities to Microsoft 365 Defender so check back here regularly for new videos and instructional content.
The latest additions are marked with NEW
Please share your feedback or ask questions in the comments section below; let us know what other videos and topics you would like to see.
UPDATED Watch an all-up overview of Microsoft 365 Defender and learn about its capabilities
Check out how you can get started quickly and start benefiting from its capabilities
Azure Sentinel integration
This video shows you the improved and enhanced Microsoft 365 security center.
This video describes how you can stream all Microsoft 365 Defender incidents into Azure Sentinel and keep them synchronized.
UPDATED Learn how alerts are being correlated into incidents and how to work with them
Get started with advanced hunting to hunt for threats across your Microsoft 365 Defender data
NEW This video explains how the Secure Score can help you protect your organization
NEW Learn the basics of KQL, the language used for advanced hunting
Unpacking JSON in KQL
NEW This video demonstrates how to unpack JSON strings by using the Kusto Query Language.
NEW This video demonstrates ways you can optimize Kusto Query Language.
Joining tables in KQL
Hunting linked downloads
NEW This video demonstrates joining tables by using Kusto Query Language.
NEW Learn how to use advanced hunting to find URL clicks that download files.
NEW Check out the new, unified submissions experience in the Microsoft 365 Defender portal.
Learn how you can setup the streaming API to ship event information directly to Azure Event hubs or to Azure storage.
Microsoft 365 Defender and Power Automate
Learn how you can use Power Automate to automate your workflows.
UPDATED This video helps you better understand how Microsoft 365 Defender automates remediation actions
We are listening! See how easy it is to share your feedback with us
Security center for Microsoft Defender for Office 365 customers
Security center for Microsoft Defender for Identity customers
See the improved and NEW features you get when you start using the Microsoft 365 Defender portal - at no costs.
This video shows improved and NEW features you get when you move to the Microsoft 365 Defender portal - at no costs!
See how quickly you can classify your incidents & alerts
With threat analytics you can track and respond to emerging threats