Learn how to use the Microsoft 365 security stack

Over the last month, I have had the pleasure of delivering two new Truesec-developed courses! One focusing on Microsoft 365 Security and the other focusing on Microsoft Intune.

This blog post will present these two new offerings and explain why they are more relevant than ever. I will also share my view on delivering online training, but first the new stuff!

Microsoft 365 Security

The first course which have already been delivered to over 50 people with very good feedback is aimed to be an introduction to Microsoft 365 security.

Besides that, it also includes a chunk of how to apply the newly learned skills when it comes incident response and security strategy.

It takes of from what is at the core of Cyber Security today, which is Identity Protection. You will learn about how Azure AD and Active Directory can be connected and protected.

By leveraging AAD Identity Protection and Azure Advanced Threat Protection you´ll get a unique insight into your identity solutions. We also cover the various aspects of password management, Privileged Identity Management and MFA.

Next up we give you an introduction to logging and auditing in Office 365, as well as Office 365 ATP. It´s not a deep dive, but will give you valuable insights into the Microsoft 365 security stack.

We are also thinking of developing another course. A course that would cover compliance, to complement this course that primarily covers Threat Protection.

If you would be interested in such a course, reach out to me and we will get that going!

Endpoint Detection and Response

The third module of the course is focused on Endpoint Security and we starts off with Microsoft Defender ATP. You´ll learn how to onboard all your devices into the service, as well as how to secure them with additional protection, configured by Microsoft Intune.

Regardless if you are running Windows, iOS, Android, MacOS or even Linux – rest assure that you will leave with a new view on Endpoint Security.

In the second to last module, we bring all the previous blocks together in Microsoft Threat Protection, Microsoft Cloud App Security as well as Azure Sentinel.

We will explain the basics of threat hunting and why the integrations are so essential to the Microsoft Security story. You´ll also understand the difference between using and EDR and a SIEM from a security perspective.

Real-life Cyber Security

We will summarize the course by putting our configuration to the test. We will run through several attack scenarios and explain how you can prevent or counter them. It will also show you how you can run simulated attacks on your own environment.

The grand final is a mindboggling insight into Cyber Incident Response. You will understand how you can prepare your organizations when the worst happens.

This is a unique course which gives you insights into both Microsoft 365 as well as the world of Cyber Security.

Just like all our other courses its mainly demo/lab driven. You also have access to some of the brightest minds in the industry.

Microsoft Intune – 2.0

In this brand new, Truesec exclusive, course on Microsoft Intune we give you the opportunity to learn all aspects of the service.

During the course we will build a new Intune environment from scratch, covering all supported platforms, except for Windows Phone…

Co-management or not?

In these times we see more and more requests for implementations of Co-management as well as Cloud Management Gateway (CMG). We wont cover MEM Configuration Manager in detail in this course. But we will talk about the choices you and your organization need to make to support remote workers.

A great aspect of this course is that, what you learn about Microsoft Intune, can be applied both to environments where only Intune are being used or where Configuration Managers is utilized as well.

Mobility is the new normal

Even thought many of us are staying at home today, we are more mobile than ever. Your instructor will explain how you implement, configure, and manage the eco-systems from Microsoft, Apple, and Google.

You will be introduced to zero-touch enrollment on all platforms as well as share security best practices. We will share plenty of stories from the field on what is right, and what is wrong.

Apps, apps, apps, and services

What are we really trying to protect with an EMM solutions such as Microsoft Intune? It used to be against threats on the phone itself, but today it often about data protection and compliance. Because of that, about a fourth of the course covers Conditional Access, Application Protection-policies, and compliance.

As part of that you will also be given a deeper understanding of how 1st and 3rd party tools can help you manage your endpoints. Regardless of what OS they run or where they are.

Reporting and troubleshooting

Finally, you will learn how to manage reporting and troubleshooting in MS Intune. We work with several real-life scenarios to ensure that what you learn can be applied to your environment as quickly as possible.


cybersecurity Kerberoasting
Grab your ticket before its to late…

Given the circumstances we have today, the first courses will be delivered as virtual workshops. They can even be custom built for you and your organization if you so desire. As always with Truesec, it is two days with a high pace and lots of information when it comes to both courses.

Once we can meet each other in real life again we will probably change the format to 3-day courses. This will make room for Truesecs highly appreciated hands-on labs.

Keep an eye out for announcements on available dates and times, that will suit both European and US time zones.

Before I end, I want to share a few learnings that will benefit you if you attend an online course:

  • Keep your camera on! It makes it a lot easier for your instructor to ensure that you are understanding the topic.
  • Be prepared for a lot of content! Take notes, ask for links to follow up with and share your expectations early with your instructor.
  • Ask questions! It sounds obvious, but we are less likely to ask questions in an online learning experience. Use chat or unmute and ask away. It is appreciated both by the instructor and by the other learners. The new “raise your hand” in Teams is also a great feature to get attention.
  • Remove distractors. This is probably the hardest one, and much easier if you are in a classroom. Ensure that your manager and colleagues and yourself(!) knows that you are attending a course.

Following these advices, I know that you will have a great experience. As always when you leave one of our labs, you will be filled with knowledge.

Next step

You could wait for dates announced on social media as well as our website. However, if you cant wait reach out to me, Per Kimblad (US) or Johan Lindström (rest of the world). Let us know if you want to attend a course or do a custom one for your team.

We look forward to seeing you soon!

I want to have more information about the courses!