All courses
Resource hub
Featured resource
Tech Upskilling Playbook 2025
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Learn more
Hamburger Icon
  • Path icon Learning Path
    • Libraries: This path is only available in the libraries listed. To access this path, purchase a license for the corresponding library.
  • Cloud
  • Security
    •

Threat Detection for Azure

1 Course
1 Lab
2 Hours
Skill IQ

This learning path is actively in production. More content will be added to this page as it publishes and becomes available in the library. The planned content for this path includes the following: - Azure Security Telemetry Fundamentals (video course) - Centralized Logging and Analysis with Microsoft Sentinel (video course) - Automated Incident Response on Azure (video course) - Investigate a Security Incident in Azure (hands-on lab)

Level up your cloud defense skills by mastering Microsoft’s native detection stack, Defender for Cloud, Microsoft Sentinel, and Logic Apps, through fast‑paced, hands‑on courses and a guided lab. By the end of this path you’ll be able to surface threats in real time, prioritize what matters, and kick off automated responses that keep your Azure workloads safe.

Get started

Content in this path

Essentials

This section covers the foundational steps required to collect, aggregate, and analyze security telemetry in Azure. Learners will first enable Defender for Cloud to generate native Azure logs and alerts, and then ingest those telemetry streams into Microsoft Sentinel to build detection rules and dashboards. By focusing on core data collection and analysis workflows, learners gain the essential skills needed to detect risks before moving on to automated response.

Course

Azure Security Telemetry Fundamentals

  • by Chris Behrens
  • 56m
  • Aug 05, 2025
Lab

Investigate a Security Incident in Azure

  • 45m
  • Sep 05, 2025
Try this learning path for free
Access this learning path and other top-rated tech content with a free trial.
Free individual trial Free team trial
What You'll Learn
  • 1. You will configure Defender for Cloud to enable and validate Azure-native telemetry collection across subscriptions.
  • 2. You will ingest and analyze logs in Microsoft Sentinel by deploying data connectors, writing simple KQL queries, and building workbooks for security monitoring.
  • 3. You will build and schedule detection rules that surface high-priority threats and feed into incident queues for SOC workflows.
Prerequisites
  • Learners should already be comfortable navigating the Azure portal, understand core Resource Manager constructs (subscriptions, resource groups, and role‑based access control), and have a working grasp of fundamental security practices such as least‑privilege access and centralized logging. Hands‑on familiarity with the Azure CLI or PowerShell will help them move swiftly through the demos.
Related topics
  • Cloud Security
  • Microsoft Azure
  • Threat Detection
Not sure where to start?
With over 500 assessments to choose from, you can see where your skills stand and receive adaptive learning recommendations to fill knowledge gaps in as little as 10 minutes.
Learn more

Learn with the best

Chris Behrens
Chris Behrens
Chris B. Behrens is a writer, speaker and software developer, specializing in DevOps. He has been a developer and architect for more than twenty years focusing on small to medium size companies and the development changes they face. He focuses on his flavor of Fear Based Development, whereby a developer ranks their tasks in descending order of anxiety, and how to tackle them in that order. Chief among these anxiety-inducing processes is software deployment, a topic that Behrens focuses upon. He ...

Join our learners and upskill
in leading technologies