Blue Team, Full Day Hands-On Labs

CRHOL01 Hands-On-Lab: Protect, Detect, Respond with Microsoft Defender XD

11/16/2025

9:00am - 6:00pm

Level: Intermediate

Mattias Borg

Cyber Security Geek

Stefan Schörling

Cloud Security and Infra Geek

Onevinn AB

Level Up Your Security Operations with Real-World Defender XDR Skills

Take your security operations skills to the next level in this immersive, hands-on lab focused on Microsoft Defender XDR, designed for security analysts, SOC teams, and IT professionals. Led by instructors renowned in the community for their extensive experience with Defender XDR and security operations, this full-day workshop will put you in the driver’s seat as you work through real-world attack scenarios, threat investigations, and response workflows using Microsoft’s integrated extended detection and response platform.

You’ll step into the role of a modern Security Analyst and get direct experience with the tools and techniques used to protect, detect, and respond to cyber threats across endpoints, identities, email, and cloud apps. Whether you're looking to build foundational knowledge or sharpen your advanced hunting capabilities, this lab is packed with actionable content.

Through instructor-led and hands-on exercises in the Microsoft 365 Defender Portal, you will:

  • Learn how to harden Defender configurations for maximum protection against common attack vectors
  • Execute end-to-end incident response workflows, from alert triage to containment and remediation
  • Leverage built-in analytics and threat intelligence to understand attacker behavior and trace activity across your environment
  • Practice proactive threat hunting, using advanced query techniques and real-time data correlation to uncover threats that evade automated detection
  • Explore cross-platform threat visibility through integration with Microsoft Sentinel, Defender for Endpoint, Defender for Identity, and more

This lab balances guidance and incident response concepts with open-ended exercises, allowing you to follow best practices while applying your own problem-solving skills in simulated breach scenarios. You’ll leave with a stronger grasp of Microsoft Defender XDR's capabilities—and the confidence to apply them in your own environment.

Attendee Workstation Requirements:

  • You must provide your own laptop computer (Windows or Mac) for this hands-on lab.
  • Laptop must have a modern browser installed (Chrome / Edge / Firefox /Safari)