Course Overview
The Microsoft 365 and Azure Security and Compliance Hackathon invites security engineers and enthusiasts to learn how to ensure security and maintain compliance for organizations utilizing Microsoft cloud services. Participants will be tasked with developing strategies and solutions that ensure robust data protection, mitigate cybersecurity risks, and enforce enterprise regulatory compliance, by working through challenges inspired by real-world scenarios.
Course Content
The challenges are interconnected and build upon one another, allowing participants to progressively deepen their understanding of conditional access, secure collaboration, endpoint and information protection, and data loss prevention. They will also acquire knowledge in implementing Role-Based Access Control and Azure Policies, securing virtual networks, and utilizing Azure Sentinel for threat detection. Participants will be part of a newly founded IT security team in a corporation that has decided to take security to a higher level. They will be given access to Microsoft 365 Admin Portals and Azure services and resources to address each challenge.
Course Objectives
This hackathon encompasses the cutting-edge practices in safeguarding Microsoft 365 and Azure environments – from fundamental identity management to sophisticated threat detection and response strategies. Every participant will build the following technical skills:
- Experience with Microsoft Entra admin portal (Identity Protection, Conditional Access, Authentication methods, Password reset)
- Experience with Microsoft 365 Security and Compliance admin portals (Secure Score, Email and collaboration, Defender for Cloud Apps, Advanced hunting, Insider Risk Management, Information protection, Data loss prevention, attack simulation)
- Experience with Microsoft Intune (Endpoint Protection)
- Experience with Azure platform (Conditional Access, PIM, Defender for Cloud, Azure Policy, Azure Firewall, Azure Sentinel and Playbook)
The Microsoft 365 and Azure Security and Compliance Hackathon builds on the concept of learning by doing in a highly interactive environment. Solving real-world problems without being told directly what to do will enable participants to apply acquired skills immediately on the job.
Outline: Microsoft 365 and Azure Security and Compliance Hackathon (MAZSECHCK)
Challenge 1
In this challenge, participants will start by analyzing the Secure Score tool to identify key recommended security actions that will elevate security posture. They will provide secure access to the tenant by enabling multifactor authentication, and will review roles and organize them according to the principle of least privilege.
Challenge 2
Building upon the previous challenge, participants will implement advanced security measures, such as activating Microsoft Defender for Cloud and enforcing conditional access policies that regulate user authentication and access based on their risk levels and departmental roles. They will also empower specific users with time-bound and role-specific privileges.
Challenge 3
Participants will create different policies to secure email and collaboration, and policy rules to block domains, addresses, and URLs. They will create a phishing simulation using Microsoft 365 Defender attack simulation and will analyze the results.
Challenge 4
In this challenge, participants will manage compliance needs using integrated solutions. They will deploy policies and configurations that support information protection, data loss prevention and insider risk management.
Challenge 5
In this challenge, participants will enable granular access control and improve security with Azure Role-Based Access Control. They will also ensure consistent management and security across Azure resources using different Azure Policies.
Challenge 6
Participants will create an Azure Firewall to control inbound and outbound network traffic and protect Azure resources from unauthorized access and attacks. They will execute the attack simulation for local host infection and malicious behavior against one of the test devices. They will also implement Azure Sentinel and create an Azure Playbook and analytics rules.
Challenge 7
During this challenge, participants will be dealing with endpoint protection. They will enroll devices in Intune, create policies, run a simulated attack against a deployed device, and investigate the attack.