Course
digicode: SC5X9
Secure AI Solutions in the Cloud w/ Defender for Cloud & Entra – Intensive Training (SC-5009)
SC-5009
Course facts
Download as PDF- Applying security posture management and workload protection for AI services using Microsoft Defender for Cloud
- Configuring and securing Microsoft Foundry environments using cloud-native security controls
- Designing and applying identity and access controls for AI workloads using Microsoft Entra
- Understanding AI workload risks and how Microsoft Defender for Cloud identifies and protects AI assets
- Enabling the AI Workloads plan and using Cloud Security Posture Management (CSPM) to discover and remediate misconfigurations
- Using Cloud Workload Protection (CWP) to detect runtime threats targeting AI components
- Investigating AI security alerts in Microsoft Defender XDR
- Configuring and managing guardrails in Microsoft Foundry to prevent unsafe or policy-violating model behavior
Learn how AI workloads authenticate, how trust boundaries are established, and how security posture and workload protection reduce risk using Microsoft Defender for Cloud and Microsoft Foundry. Extend these protections by using Microsoft Entra to design and apply identity and access controls that explain and harden earlier security decisions.
1 Understand how Microsoft Defender for Cloud supports AI security and governance in Azure
Microsoft Defender for Cloud plays a central role in securing AI workloads across Azure. Learn how Microsoft Defender for Cloud supports AI security across Azure. Explore the layers of an AI workload, the unique risks AI systems introduce, and the guardrails that protect model inputs and outputs. See how Microsoft Purview, Microsoft Entra ID, and Microsoft Foundry work together to support a unified security and governance strategy.
2 Protect AI workloads with Microsoft Defender for Cloud
Microsoft Defender for Cloud helps secure AI workloads by combining discovery, posture management, and runtime protection in one platform. You'll learn how to enable the AI workloads plan, review insights in the Data & AI security dashboard, assess posture using Cloud Security Posture Management (CSPM), detect runtime threats with Cloud Workload Protection (CWP), and investigate incidents in Microsoft Defender XDR. These capabilities work together to identify configuration gaps, detect suspicious behavior, and provide end-to-end visibility across your AI environments.
3 Configure and manage guardrails in Microsoft Foundry
Microsoft Foundry guardrails help secure AI workloads by applying configurable safety controls that evaluate both prompts and responses. You'll learn how to understand built-in safety models, test and refine guardrails, create blocklists, configure content filters, and validate that protections work as intended. These capabilities help organizations prevent unsafe or policy-violating interactions, protect sensitive data, and maintain trust in AI-assisted applications.
4 Secure Microsoft Foundry environments
To secure Microsoft Foundry environments requires layered protections that control access, safeguard credentials, isolate network communication, and maintain visibility across connected resources. The approach includes defining access boundaries with Microsoft Entra ID and project roles, and integrating Key Vault for secret management. It also uses managed virtual networks, Private Link, and diagnostic logging to maintain privacy, visibility, and compliance. These practices create secure, traceable AI environments that support collaboration without compromising protection.
5 Understand identity architecture for AI workloads
Identity architecture defines who can deploy, invoke, and manage AI workloads in Azure. Microsoft Entra ID governs access across management and data planes, authentication flows establish trust boundaries for AI endpoints, and role scope decisions determine blast radius. Identity types, role assignments, and scope boundaries shape AI security outcomes long before enforcement controls are applied.
6 Implement access management for Azure resources
Explore how to use built-in Azure roles, managed identities, and RBAC-policy to control access to Azure resources. Identity is the key to secure solutions.
7 Plan, implement, and administer Conditional Access
Conditional Access gives a fine granularity of control over which users and identities can do specific activities, access which resources, and how to ensure data and systems are safe—including AI agent identities managed through Microsoft Entra Agent ID.
8 Manage Microsoft Entra Identity Protection
Protecting a user's identity by monitoring their usage and sign-in patterns ensure a secure cloud solution. Explore how to design and implement Microsoft Entra Identity protection.
This course is intended for professionals responsible for securing and operating AI workloads in the cloud. The audience includes cloud security engineers, platform engineers, and application teams working with AI services who need to understand how workload protection, security posture, and identity controls apply to AI environments.
- Experience managing Azure subscriptions, workloads, and Defender for Cloud plans
- Familiarity with Microsoft Foundry and how AI workloads are deployed in Azure
- Understanding of basic cloud security principles, including posture management, access control, and incident investigation