Course

Offensive and Defensive Security of Microsoft 365 («365SEC»)

The course allows you to look at cloud security from both sides: attacker and defender. Understanding how attackers act and think allows you to build a much better defense.
Duration 3 days
Price 2'950.–

Course facts

Key Learnings
  • Knowing how killchain can be executed by attackers
  • Using MITRE ATT&CK framework by defenders
  • Knowing how traditional security solutions may fail to prevent sophisticated attacks
  • Configuring Defender for Office 365 capabilities to protect users against threats
  • Deploying Defender for Endpoint to devices and protecting them against malware and ransomware
  • Deploying Defender for Identity to an on-premises Active Directory to protect it from threats against identities, such as golden ticket and domain dominance
  • Investigating security incidents using the Microsoft 365 Defender
Content

Module 1 – Navigating the Battlefield: Leveraging MITRE ATT&CK® Tactics
Execution of complete kill chain from Reconnaissance to Exfiltration with elevation to domain dominance privileges. Demonstration of attacker behavior to understand how to prevent or investigate cyberattacks.

Module 2 – Defense Evasion
While defenders implement security features, attackers learn to bypass them. Defenders should also learn evasion techniques to keep up with attackers.

Get insights on Windows 10 and 11 security bypasses like: Defender antivirus, Applocker, PowerShell AMSI, ASR rules etc. Furthermore, cloud security features like Microsoft Defender for Office will also be explored

Module 3 – Prevention and Detection with Microsoft 365 Defender
Protect your modern workplace from modern attacks with Microsoft 365 Defender.

  • Policies to prevent phishing attacks
  • Detect and prevent lateral movement
  • Investigation with Microsoft 365 Defender

Module 4 – Ransomware Protection
Ransomware has caused a lot of damage to companies of all sizes. While defenders improve their detection methods, attackers learn as well. The goal of defenders is to be one step ahead.

  • Configure ASR rules that prevent ransomware
  • Configure Controlled Folder Access to protect data
  • Configure user data recovery
  • Third-party solutions for tenant recovery

Hands-on Labs
The course is accompanied by labs that will allow students to test some cyberattacks and protection against them:

  • LAB 1: Go phishing with Microsoft Defender for Office 365
  • LAB 2: Deploying Microsoft Defender for Identity and Endpoint
  • LAB 3: Put on a gray hat and simulate attacks
  • LAB 4: Deploying ASR rules
  • LAB 5: Deploying Controlled Folder Access
  • LAB 6: Hardening Applocker to prevent bypass
Methodology & didactics

This training includes demo-based lectures and hands-on labs

Target audience

Security analysts, security engineers, penetration testers

Requirements

Experience with Microsoft 365, Azure cloud services as well as Windows and Linux operating systems

Additional information

About the instructor:

Sergey Chubarov is a Security and Cloud Expert, Instructor with 15+ years' experience on Microsoft technologies. His day-to-day job is to help companies securely embrace cloud technologies.

He has certifications and recognitions such as Microsoft MVP: Security, OSCP, OSEP, eCPPT, eCPTX, Microsoft Certified Trainer, MCT Regional Lead, EC Council CEH, CPENT, LPT, CCSE, CEI, CREST CPSA, CRT and more.

Sergey is a frequent speaker at local and international conferences like Global Azure, DEF CON, Black Hat Europe, Wild West Hackin' Fest, Security BSides, Workplace Ninja, Midwest Management Summit, Hack in the Box, Hack in Paris etc. He prefers live demos and cyberattacks simulations.

Download

Questions

Any questions?
First name
Last name
Company optional
Email
Phone
I would like to book this course as a company course
First name
Last name
Company optional
Email
Phone
Number of participants
Desired course location
Start date (DD.MM.YYYY)
End date (DD.MM.YYYY)

Choose your date

22
Apr
2025
24
Apr
2025
Geneva
French
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
30
Apr
2025
2
May
2025
Zürich
English
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
30
Apr
2025
2
May
2025
Berne
English
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
30
Apr
2025
2
May
2025
Basel
English
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
2
Jun
2025
4
Jun
2025
Lausanne
French
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
23
Jun
2025
25
Jun
2025
Zürich
English
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
23
Jun
2025
25
Jun
2025
Berne
English
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
23
Jun
2025
25
Jun
2025
Basel
English
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
14
Jul
2025
16
Jul
2025
Geneva
French
Timetable
If you register now, this course is guaranteed to take place!
CHF 2’950.-
exkl. 8.1% Mwst.
If you register now, this course is guaranteed to take place!
CHF 2’950.-
exkl. 8.1% Mwst.
27
Aug
2025
29
Aug
2025
Lausanne
French
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
27
Aug
2025
29
Aug
2025
Virtual Training
English
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
8
Oct
2025
10
Oct
2025
Geneva
French
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
17
Nov
2025
19
Nov
2025
Lausanne
French
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.
Next date
22
Apr
2025
24
Apr
2025
Geneva
French
Timetable
CHF 2’950.-
exkl. 8.1% Mwst.
CHF 2’950.-
exkl. 8.1% Mwst.