Last updated: May 2, 2022

Next planned update: June 1, 2022

Access the latest partner-facing version here:
https://aka.ms/scipartnerenablement
Security, Compliance, Identity
Enablement Guide for Partners
Introduction
With the speed at which technology is evolving, attracting candidates
with modern, in-demand skill sets can be challenging as prospects look
for opportunities with the right culture, compensation, and growth
potential. Increasing competition for talent means everything about your
practice is evaluated, including your company’s reputation, leadership,
values, location, and social engagement.
Security is a complex field—there is no shortage of skilling options
available to partner security teams. The challenge has often been
choosing the relevant ones and accessing them in one place.
Leverage this guide to find a simplified view of the key upcoming training
opportunities available to partners, training resources for the role-based
exams, learning journeys across Security, and other key resources to
support you and your organization on your skilling journey.
Be sure to check back frequently — new resources will be added as they
are made available across our various platforms and channels.
Table of contents
Security Enablement for Partners

Top Upcoming Certifications Recommended Additional Change

news training and exams trainings resources log
Top news
Microsoft Security Summit | May 12
The Microsoft The Microsoft Security Summit kicks
Security off with comments from Satya Nadella,
Summit will be Vasu Jakkal, and Charlie Bell. Satya,
delivered Vasu, and Charlie will be joined by
virtually May various security experts as they share
12 from 9 AM the latest innovations in Security,
to 12 PM PT. Compliance, and Identity.
Attendees will
learn how
Microsoft
solutions can Register now: May 12, 9 AM PT
help their
organizations
The Microsoft Security Summit consists of four tracks including Security, Compliance, Identity,
deliver end-to-
and Threat Intelligence. Each track includes three technical deep dive sessions in which
end security. security experts will share product announcements and demonstrate product innovations. All
sessions will be accompanied by a live chat Q&A in which attendees can have their questions
answered by an expert.
Build your skills your way
Security Cloud Week for Partners, May 16-20, 2022
Discover Microsoft Security
solutions capabilities
Cyberattacks are a daily threat to businesses
around the world, and the demand for skilled
professionals is growing. Security Cloud Week for
Partners is designed for technical professionals to
discover how Microsoft Security, Compliance, and
Identity solutions can meet these threats.
This modular, five-day virtual training experience
allows learners to build their Security skills through
a choice of instructor-led courses, on-demand
labs, live Q&A, and offline Q&A during the hours
that best fit into their busy schedules.
Two live training sessions will be offered each day
of the event and will start at different times
depending on your location. All sessions are
recorded for on-demand playback for up to 30
days after the event, with a variety of closed
caption language options available.
During Security Cloud Week, you will:
• Start your certification preparation with instructor-led
exam prep and hands-on labs designed to help you
attain role-based certifications.
• Learn about the business value of Security through
keynote sessions.
• Learn about the capabilities of Microsoft Security,
Compliance, and Identity solutions.
• Skill up on your own time through a choice of on-
demand and live training, offered at the time of day
that works best for you.
• Ask questions, and certified trainers will answer. An
exclusive Teams channel will be available every day.
Registration will open soon for Security Cloud ,
which is offered live in three time zones:
Seattle (UTC minus-8 hours), London (UTC 0), Beijing (UTC+8)
Days of the Defenders
In-person security events begin May 17-18, 2022

Build your security Discover answers to common customer questions

knowledge and skills
Reserve your spot for a Days of
the Defenders live, in-person
event where you can gain the
knowledge and tools to
successfully have security
discussions with your customers.
These two-day events offer
participants a fast-paced, demo-
intensive experience.
These workshop will help
you understand how to
position, design, and plan
for common scenarios
with Microsoft Defender
for Cloud, Microsoft
Sentinel, and Microsoft
365 Defender workloads.

Choose from the

following cities:
• Las Colinas, Texas
• May 17-18 | 9 AM – 4 PM CT
• Irvine, California Registration is now open. Space is limited to the first 100
• May 24-25 | 9 AM – 4 PM PT participants, and registration is on a first-come, first-served basis.
• Fort Lauderdale, Florida
Sign up today for this live, in-person event to receive training on how
• June 7-8 | 9 AM – 4 PM ET
to successfully discuss different security technologies.
Dive deeper at the Microsoft Canada
monthly Security and SecOps series
Meet your host Two chances to increase
your knowledge
❖ The SecOps Deep Dive series is a monthly
webinar for Microsoft partners aimed at
enhancing SecOps skills and providing
products insights.
❖ The What’s New in Microsoft Security
series brings you highlights of the latest in
Senior Cloud Microsoft security to help you deliver and
Solutions Architect sustain a secure customer environment.
Sameh Younis
focuses on helping
Microsoft security
partners enhance
their security
practices,
Dates for the SecOps and Security sessions will be
architectures, announced soon for this month’s sessions.
technical skills and
security operations.
Securing the channel: journey to zero trust

Implement zero- “Cybersecurity continues to be

one of the top challenges of
trust principles our digital age and Microsoft
to help protect partners play an important role
in securing cloud
customers and transformations.”
organizations ➢ Read more in the “Securing the
channel: journey to zero trust” blog
Learn how to implement a zero-trust post.
security architecture that protects ➢ Watch the three-part "Securing the
and better secures environments and channel: journey to zero trust" video
customers. series.
The Security, Compliance, Identity
Partner Enablement Guide
Welcome to the April edition of the Security,
Compliance, and Identity
Partner Enablement Guide.
This guide is your source for the latest Security,
Compliance, and Identity information, including:
• News
• Training
• Events
• Workshops
• Certifications
• Exams
The storytelling and flow components in this
guide are designed to help partner
individuals, practice leads, and learning and
development leads better understand how to
navigate and leverage this guide.

Hope you enjoy and find this helpful!

David Branscome
Microsoft Cybersecurity Reference Architectures

We are excited to announce an update

to the Microsoft Cybersecurity
Reference Architectures (MCRA). The
MCRA describes Microsoft cybersecurity
capabilities. The diagrams describe how
Microsoft security capabilities integrate
with Microsoft platforms and third-party
platforms such as Microsoft 365,
Microsoft Azure, third-party apps such
as ServiceNow and Salesforce, and third-
party platforms such as Amazon Web
Services (AWS) and Google Cloud
Platform (GCP).

View the update and download the file

here.

Microsoft Security, Compliance,
Identity Workshops
Choose from our portfolio of Microsoft-funded targeted
workshops to advance the end-to-end security strategy of your
organization
Security
Threat protection workshop
Creates customer intent for
purchasing and/or deploying
advanced Microsoft Security
products.
Microsoft Sentinel
workshop
Creates customer intent for
deploying and adopting Microsoft
Sentinel.
Hybrid cloud security
workshop
Creates customer intent for
purchasing and adopting Azure
Defender, Azure Security Center,
and Microsoft network security
products.
Assess your security posture and uncover risks to
your current environment
Receive customized reports and document your
security strategy for key stakeholders
Leverage Microsoft cybersecurity experts to
realize the benefits of the latest tools
Build a plan with actionable steps to accelerate
your security journey
Up to $5,000 per workshop Threat protection & Hybrid cloud security
Up to $2,500 per workshop for Microsoft Sentinel Identity Up to $5,000 per workshop
• Understand customers’ security goals and objectives. Securing identities • Use Secure Score and application discovery tools to
• Identify security threats using a Microsoft 365 E5 trial. workshop help customers gain visibility into their current identity
• Provide an overview of the Microsoft Security end-to- Helps customers assess the estates.
end story. maturity of their identity estates. • Work together with your customers to define clear next
• Showcase product capabilities through newly designed, steps and the best ways to mitigate risks.
rich demos.
Compliance Up to $5,000 per workshop
• Showcase the Microsoft Sentinel experience.
• Identify active threats across identity, email, and data, in Discover sensitive data • Uncover data risks in the customer’s environment.
• Build customer confidence and mitigate risk through
both on-premises and cloud environments. workshop
data-driven analytics and visualization.
• Demonstrate automated response to threats. Provides customers with
• Identify compliance solutions in Microsoft 365 that
• Gather information to build a business case for a examples of privacy and
reduce privacy and regulatory risks and help meet
production deployment of Microsoft Sentinel. regulatory risks in data within
Modern Work environments. compliance expectations.
• Use Azure Defender to identify active threats on
targeted hybrid workloads. Manage and investigate • Uncover risky user activities in the customer’s
environment.
• Demonstrate investigation and response to threats. risk workshop
• Discover privacy, policy, and regulatory risks by
• Discover vulnerabilities on existing hybrid workloads Provides customers with
evaluating user communications inside an organization.
and explain how to reduce attack surface area. examples of potential data leaks
• Help customers better understand, prioritize, and
• Provide guidance for production implementation of and data theft within their
mitigate identified privacy and regulatory risks.
Azure Security Center, including Azure Defender. Modern Work environments.
Upcoming training
Attend an event
 Virtual Training Days—for Partners and Customers
Start

As the workplace evolves, Microsoft is dedicated to providing the tools to

empower you and your organization to achieve great things, along with the
technical training you need to make it happen from anywhere.

Dive in deep Improve your skills Explore Microsoft We make it accessible

Microsoft Virtual Training
Days are free, in-depth, virtual
training events that guide you
toward the many possibilities
for career and organizational
impact today and tomorrow.
With weekly events to match
every skill level, this is your
opportunity to grow your
technical skills and gain the
confidence to navigate what’s
ahead.
products
Discover your potential and
maximize your time with
accelerated virtual event
offerings covering a range of
technical topics for Microsoft
Azure, Microsoft 365,
Dynamics 365, Power
Platform, and Security.
Many of our events offer
closed captioning in over 20
languages. Please visit the
event registration page you
are interested in attending to
confirm what closed
captioning languages are
available
 Security Virtual Training Days
Attend the following Security Virtual Training Day events

Duration
Event Title Date Registration Link
(Hours)
Virtual Modernize Security and Defend Against Threats Register Now – Multiple Dates & Time Zones
Training Days
Protect Data and Manage Risk Varies based on languages Register Now – Multiple Dates & Time Zones
on Security
Security, Compliance, and Identity Fundamentals and time zone. Register Now – Multiple Dates & Time Zones
Zero Trust Register Now – Multiple Dates & Time Zones

Webinars
Partner webinars are free, topic-focused
events that provide you with the latest
updates on go to partner opportunity, market
programs, product updates, and best
practices.
Webinars are typically one to two hours in
length and delivered by Microsoft experts.
Partner Events
Sales Play and Product
Deep Dives
Partner sales play and product deep dives are
free, in-depth, virtual training events focused
on Microsoft’s sales plays, products, and
services.
These events can include a variety of topics
ranging from sales, pre-sales, and technical
content. Deep dives are typically delivered two
to three hours a day over multiple days and
delivered by Microsoft experts. They are
posted for on-demand consumption post
event.
Virtual Training Series on
Exams
Virtual Training Series on exams are free, in-
depth, virtual training events focused on
providing guidance for partners on how to
study for and pass Microsoft exams.
This series is complementary to the content
on Microsoft Learn. They are typically
delivered two hours a day, in multiple time
zones, over multiple days by Microsoft
learning partners. They are posted for on-
demand consumption post event.
 Partner Events
Attend the following Security events created for partners

Duration
Event Title Date Registration Link
Partner (Hours)
Webinars Unboxing Defender for Business – a Deeper Look at Capabilities,
1 5 May Register now, 9:00AM PT
with Demo and Q&A

Duration
Sales Play and Event Title Date Registration Link
(Hours)
Product Deep
Dives Coming soon

http://aka.ms/enablevts https://aka.ms/trainingcenter
 Partner Events
Attend the following security events created for partners

Duration
Event Title Date Registration Link
(Hours)
Cloud Week
Security Cloud Week for Partners Varies May 2022 Registration link available soon!

Duration
Event Title Date Registration Link
(Hours)
Microsoft Security, Compliance, and Identity Fundamentals (SC-
8 - Watch On-Demand
900)
Virtual
Microsoft Security Operations Analyst (SC-200) 10 - Watch On-Demand
Training Series
on Exams Microsoft Identity & Access Administrator (SC-300) 8 - Watch On-Demand

Microsoft Purview Information Protection (SC-400) 8 - Watch On-Demand

Microsoft 365 Security Administrator (MS-500) 10 - Watch On-Demand

http://aka.ms/enablevts https://aka.ms/trainingcenter
Certifications and
exams
Showcase your achievements and
skills
Security, Compliance, Identity Certifications and Exams
Fundamental Certifications
Microsoft Security, Compliance, and
Identity Fundamentals (SC-900)
Training includes
• 7 hours of Microsoft Learn content
• 8 hours of exam prep instructor training
• 1-day virtual training day
Microsoft training and certifications
This page lists the certifications
and exams that are
recommended for partners
looking to build and extend
their Microsoft security,
compliance, and identity
Associate Certifications practices.
The Microsoft Security,
Microsoft Cybersecurity Architect (beta) Compliance, and Identity
Azure Security Engineer (AZ-500)
(SC-100) certification portfolio includes
the following certifications:
• NEW! Exam is available Training includes
register here
• 32 hours of Microsoft Learn content • Microsoft Security,
• 4-day instructor-led training (English, Compliance, and Identity
Microsoft Security Operations Analyst Japanese, Chinese (Simplified), Korean)
Fundamentals
(SC-200)
• Microsoft Security
Training includes Operations Analyst
• 30 hours of Microsoft Learn content
Microsoft 365 Security Administrator • Microsoft Identity and
• 10 hours of exam prep instructor training
Associate (MS-500) Access Administrator
• 4-day instructor-led training (English, • Microsoft Purview
Japanese, Chinese (Simplified), Korean) Training includes
Information Protection
• 14 hours of Microsoft Learn content
Administrator
• 10 hours of exam prep instructor training
Microsoft Identity and Access • Azure Security Engineer
• 4-day instructor-led training (English)
Administrator (SC-300) • Microsoft 365 Security
Training includes Administrator
• 12 hours of Microsoft Learn content
• 8 hours of exam prep instructor training *Azure Network Engineer Associate
• 4-day instructor-led training (English, (AZ-700) *Azure Network Engineer
Japanese, Chinese (Simplified), Korean) Associate is categorized in the
Training includes Azure certification portfolio and
• 10 hours of Microsoft Learn content is also relevant to our partners.
Microsoft Purview Information • Exam prep instructor training not available
Protection Administrator (SC-400)
Go here for the latest
Training includes certification roadmap Microsoft
• 10 hours of Microsoft Learn content training and certifications
• 8 hours of exam prep instructor training
• 2-days of instructor-led training (English,
Japanese, Chinese (Simplified), Korean)
Recommended
trainings
Find recommended skilling
pathways
Identity
Threat
and Access
Protection
Management

Cloud
Compliance
Security
Every security professional aspires to be an expert when it comes to creating the
best end-to-end security environment—from identity and access management, to
threat protection, to cloud security, to compliance. But getting there takes education
and experience.

• Grow your knowledge

• Start at your current skill level
• Advance at your own pace

Fundamental Intermediate Advanced

Available Learning Journeys
Identity and Access Management Learning Journey Targeted for those who
design, implement, and
operate an organization’s
identity and access
management systems using
Azure Active Directory.
Fundamental Intermediate Advanced
• User who designs,
implements, and operates
Attend an event: Security, Compliance, SC-300 part 1: Implement an identity Other training resources: an organization’s identity
Identity Fundamentals management solution and access management
Virtual Training Day MS Learn Microsoft Defender for Identity Ninja systems by using Azure
Course, Self-Guided Blog AD.

• Manages tasks such as

SC-900 part 1: Describe the concepts of SC-300 part 2: Implement an providing secure
security, compliance, and identity Authentication and Access Management authentication and
MS Learn solution authorization access to
MS Learn enterprise applications.

• Drives strategic identity

projects to modernize
SC-300 part 3: Implement Access identity solutions and to
Management for Apps implement hybrid identity
MS Learn solutions and identity
governance.

Relevant partner roles:

SC-300 part 4: Plan and implement an
identity governance strategy • Security administrator
MS Learn
• Azure AD administrator
• Identity consultant
• Identity architect
Complete exam study & Complete exam study &
get certified! get certified!

Security, Compliance, Identity

Fundamentals (SC-900)
Microsoft Identity and Access
Administrator (SC-300) Recommended Certifications

Identity and Access Management Additional Resources
Fundamental
Overview
Fundamentals of Microsoft 365
Security + Compliance <
Intro to Security in Microsoft 365 <
Manage Security with Microsoft 365 <
Microsoft 365 Identity and Services <
Zero Trust
Principals and Overview
Azure Active Directory (AD)
Manage Identity and Access in Azure AD <
Azure AD Authentication Fundamentals4
Finding the Right Identity Strategy for Your
Organization with Azure AD4
Microsoft Endpoint Manager
Microsoft Endpoint Manager Fundamentals <
Intermediate
Azure Active Directory (AD)
Identity and Access Management Deep Dive <
Protection Identity and Access <
Manage Identities and Governance <
Enable a Combined MFA and SSPR Registration
Experience in Azure AD ◉
Configuration and Management4
Manage and Integrate Apps Securely4
Secure Remote Work4
Enable Integrated Windows Authentication
to On-Premises Applications with Azure
AD Application Proxy ◉
Configure Conditional Access in Azure AD ◉
Manage Guest User Access in Azure AD
for B2B Collaboration ◉
Integrate SaaS Applications with Azure AD ◉
Legend < Microsoft learning path 4 YouTube playlist ◉ Interactive guide
Microsoft Endpoint Manager
Managing Microsoft 365 Mobility and Security <
Manage Devices by Using Microsoft Intune <
Manage Apps by Using Microsoft Intune <
Zero Trust
Resource Center
Advanced
Azure Active Directory (AD)
App Proxy—Integrated Windows
Authentication ◉
Azure AD Secure Hybrid Access with F5 ◉
Enable B2B Collaboration in Azure AD ◉
Migrate to Cloud Authentication Using
Staged Rollout in Azure AD ◉
Enable Header-Based Authentication to
On-Premises Applications with Azure
AD Application Proxy ◉
Microsoft Endpoint Manager
Manage Devices with Microsoft
Endpoint Manager ◉
Manage Apps with Microsoft
Endpoint Manager ◉
Identity certifications SC-300, SC-900
Threat Protection Learning Journey Targeted for security
operational professionals
that design and manage
their threat protection and
response systems.

Fundamental Intermediate Advanced • User who collaborates

SC-900 part 1: Describe the concepts of
security, compliance, and identity
MS Learn
SC-900 part 3: Describe the capabilities of
Microsoft security solutions
MS Learn
SC-200 part 1: Mitigate threats using Other training resources:
Microsoft Defender for Endpoint
MS Learn
Microsoft Defender for Endpoint Ninja
Course, Self-guided blog
Microsoft 365 Defender Ninja Course,
Self-guided blog
SC-200 part 2: Mitigate threats using
Microsoft 365 Defender Microsoft Defender for Cloud Apps Ninja
MS Learn Course, Self-guided blog
Microsoft Azure Defender for IoT Ninja
Course, Self-guided blog
Microsoft Defender for Identity Ninja
SC-200 part 3: Mitigate threats using Course, Self-guided blog
Azure Defender
Microsoft Defender for Office Ninja
MS Learn
Course, Self-guided blog
with organizational
stakeholders to secure
information technology
systems.
• Goal is to reduce
organizational risk by
rapidly remediating active
attacks in the
environment.
• Advises on improvements
to threat protection
practices.
• Refers violations of
organizational policies to
appropriate stakeholders.

Relevant partner roles:

• Coming soon
Security Community Technical Webinars,
Stay updated

Complete exam study Complete exam study

and get certified! and get certified!

Security, Compliance, Identity

Fundamentals (SC-900)
Microsoft Security Operations
Analyst (SC-200) Recommended certifications
Microsoft Sentinel Learning Journey Targeted for security
operational professionals
that design and manage
their threat protection and
response systems.

Fundamental Intermediate Advanced • User who collaborates

with organizational
stakeholders to secure
SC-900 part 1: Describe the concepts of SC-200 part 4: Create queries for Microsoft Other training resources: information technology
security, compliance, and identity Sentinel using Kusto Query Language (KQL) systems.
MS Learn MS Learn
Microsoft Sentinel Ninja Course, Self-
guided blog • Goal is to reduce
organizational risk by
SC-900 part 3: Describe the capabilities of SC-200 part 5: Configure your Microsoft rapidly remediating active
Microsoft security solutions Sentinel environment Microsoft Sentinel Notebooks Ninja attacks in the
MS Learn MS Learn Course, Self-guided blog environment.

• Advises on improvements
Security Community Technical Webinars, to threat protection
SC-200 part 6: Connect logs to Microsoft
Stay updated practices.
Sentinel
MS Learn
• Refers violations of
organizational policies to
appropriate stakeholders.
SC-200 part 7: Create detections and
perform investigations using Microsoft
Relevant partner roles:
Sentinel
MS Learn
• SOC analyst

SC-200 part 8: Perform threat hunting in • Security operations team

Microsoft Sentinel
MS Learn • SIEM/XDR team

Complete exam study & Complete exam study &

get certified! get certified!

Security, Compliance, Identity

Fundamentals (SC-900)
Microsoft Security Operations
Analyst (SC-200) Recommended certifications
Cloud Security Learning Journey
Fundamental
Manage security with Microsoft 365
MS Learn
AZ-500 part 1: Secure your cloud
applications in Azure
MS Learn
AZ-500 part 2: Implement resource
management security in Azure
MS Learn
AZ-500 part 3: Implement network
security in Azure
MS Learn
Targeted for individuals who
manage the security of their
Azure and third-party
software as a service (SaaS)
cloud environments.
• Users who plan and
implement controls to
Intermediate Advanced
meet organizational
security and compliance
needs.
Safeguard multi-cloud apps and resources Configure Microsoft Cloud App Security • Those responsible for
with cloud security solutions from for advanced scenarios
translating requirements,
Microsoft MS Learn
and security and
MS Learn
compliance controls into
technical implementation.
• Those who help
AZ-500 Part 4: Implement virtual machine Other training resources:
organizational control
host security in Azure
owners manage cloud
MS Learn Microsoft Defender for Cloud Ninja security for Microsoft and
Training Self-guided blog third-party platforms
Microsoft Defender for Cloud Apps Ninja according to
Course, Self-guided blog organizational
AZ-500 Part 5: Manage identity and access requirements.
in Azure Active Directory Azure Network Security Ninja Training
• Those who create policies
MS Learn Self-guided blog
and rules for data loss
Security Community Technical Webinars prevention, IaaS/PaaS
Stay updated security, virtual
networking security and
AZ-500 part 6: Manage security operations governance, and
in Azure protection of cloud
MS Learn assets.

Relevant partner roles:

Complete exam study &
get certified!
Azure Security Engineer
(AZ-500)
• Azure administrators
• Security teams
• Data security owners
• Cloud Architects
• Implementation
Recommended certifications consultants

Security Additional Resources
Fundamental
Overview
Fundamental Knowledge of Microsoft 365
Security and Compliance Capabilities <
Intro to Security in Microsoft 365 <
Manage Security with Microsoft 365 <
Azure Security Fundamentals <
SIEM + XDR
SIEM + XDR Announcement
Microsoft Defender
Intro to Threat Protection with Microsoft 365 <
Azure Defender Overview
Microsoft Sentinel
Deploy Microsoft Sentinel and Connect Data Sources <
Introduction to Microsoft Sentinel​ <
Microsoft Sentinel Overview
Microsoft Sentinel Video Overview
Deploy Microsoft Sentinel and Connect Data Sources <
Top 10 Best Practices for Azure Security 4
Microsoft Defender for Cloud
Azure Security Center Overview
Identify Security Threats with Azure Security Center <
Protect Against Security Threats on Azure <
Microsoft Defender for Cloud Apps
Secure Cloud Apps Using Microsoft Cloud App Security <
Discover and Manage Cloud App Usage with Microsoft Cloud App Security ◉
Protect and Control Information with Microsoft Cloud App Security ◉
Automate Alerts Management with Microsoft Power Automate and Cloud App Security ◉
Intermediate
Microsoft 365 Defender
Microsoft Defender: Extended Detection
and Response (XDR)4
Threat Protection Technical Deep-Dive <
Defend Against Threats with Microsoft Threat Protection <
Protect Your Organization with Microsoft 365 Defender ◉
Stop Attacks & Reduce Operations Workloads by 50%
Azure Security Center
Azure Security Center <
How to Effectively Perform an Azure Security Center PoC <
Protect Your Hybrid Cloud with Azure Security Center ◉
Resolve Threats with Azure Security Center <
Design a Holistic Monitoring Strategy on Azure
Implement Virtual Machine Host Security in Azure <
Improve Your Cloud Security Posture with
Azure Security Center <
Legend < Microsoft learning path 4 YouTube playlist ◉ Interactive guide
Advanced
Microsoft Defender for Identity Microsoft Sentinel
Identify Attacks ◉ Microsoft Sentinel Ninja Training
Investigate Attacks ◉ Detect Unknown Threats with User
and Entity Behavior Analytics
Microsoft Defender For Endpoint
Investigate and Remediate Threats ◉ Microsoft Defender
Threat Vulnerability Management ◉ Improve SecOps with Microsoft Sentinel,
Cloud-Native SIEM
Microsoft Defender for Endpoint Ninja Training
Web Shell Attack Deep Dive
Microsoft Defender for Office 365
Microsoft 365 Defender
Microsoft Defender for Office 365 <
Microsoft 365 Defender Ninja Training
Safeguard Your Organization with
Microsoft Defender for Office 365 ◉ Best Practices for Hunting Across Domains
Microsoft Sentinel Azure Security Center
Modernize Your SOC with Microsoft Sentinel ◉ Azure Security Center Ninja Training
Deploy Microsoft Sentinel and Connect
Microsoft Defender for Endpoint
Data Sources <
Microsoft Defender for Endpoint
Implement Windows Server Hybrid Cloud Ninja Training
Management, Monitoring, and Security <
Improve SecOps with Microsoft Sentinel, Microsoft Cloud App Security
Your Cloud-Native SIEM Microsoft Cloud App Security Ninja
Training
Microsoft Cloud App Security
Configure Microsoft Cloud App Security for
Detect Threats and Protect Information in Advanced Scenarios <
Cloud Apps Using Microsoft Cloud App
Security <
Detect Threats & Manage Alerts ◉
Discover, Protect, and Control Apps ◉
Safeguard Multi-cloud Apps and Resources
with Cloud Security Solutions <
Security certifications: SC-900, SC-200
Information Protection & Governance Learning Journey Targeted for those who plan
and implement controls
that meet organizational
compliance needs.

• User who plans and

Fundamental Intermediate Advanced implements controls that
meet organizational
compliance needs.
SC-900 part 1: Describe the concepts of SC-400 part 1: Implement Information Microsoft 365 Advanced eDiscovery
security, compliance, and identity Protection in Microsoft 365 Ninja Course • Responsible for
MS Learn MS Learn Self-guided blog translating requirements
and compliance controls
Microsoft Purview Information into technical
Protection Ninja Course implementation.
SC-900 part 4: Describe the capabilities of SC-400 part 2: Implement Data Loss Self-guided blog
Microsoft compliance solutions Prevention • Assists organizational
MS Learn MS Learn Microsoft Defender for Cloud Apps Ninja control owners to
Course,
become and stay
Self-guided blog
compliant.
Compliance Manager Ninja course
SC-400 part 3: Implement Information Self-Guided blog
• Creates policies and rules
Governance in Microsoft 365
for content classification,
MS Learn M365 Compliance One-Stop-Shop (OSS) data loss prevention,
Self-guided site governance, and
protection.

Relevant partner roles:

• Compliance teams
• Data security teams
• Cloud architects
• Implementation
Complete exam study & Complete exam study & consultants
get certified! get certified!

Security, Compliance, Identity

Fundamentals (SC-900)
Microsoft Purview Information
Protection Administrator (SC-400) Recommended Certifications

Compliance Additional Resources
Fundamental
Microsoft 365 Compliance
Be a Risk Management Hero4
Supercharge Information Protection
and Governance4
Don’t Lose Sleep Over Insider Risks4
Simplify and Extend Compliance
Beyond Microsoft 3654
Safeguard Customer Data
Learn How Microsoft Safeguards
Customer Data <
Microsoft Priva (Privacy
Management)
General Availability Announcement
Introducing Privacy Management for
Microsoft 365
Microsoft Mechanics Video
Priva Management for Microsoft 365
Product Page
Priva Trial Playbook
Legend < Microsoft learning path 4 YouTube playlist ◉ Interactive guide
Intermediate Advanced
Information Protection and Governance Discover & Respond Compliance Ecosystem
Information Protection and Governance4 Advanced eDiscovery and Advanced Audit < Security and Compliance4
Protect Sensitive Data with Microsoft Discover & Respond4
Information Protection ◉ Conduct Forensic Investigations with eDiscovery
Information Protection & Governance < Advanced Audit in Microsoft 365 ◉ Become a Microsoft 365 Advanced
eDiscovery Ninja
Insider Risk Management Compliance Management
Manage Internal Risk in Microsoft 365 < Reduce Risk with Microsoft Purview Compliance Microsoft Purview Information Protection
Manager < Ninja
Minimize Internal Risks ◉
Simplify Compliance and Reduce Risks4 MIP Ninja
Insider Risk Management4
Minimize Communication Risks ◉ Microsoft Defender for Cloud Apps Ninja
Priva API and Integration
Implement Privileged Access Management ◉ Course
Privacy Integration Blog Cloud Apps Ninja
Graph API Integration with Subject Rights request
Compliance Manager Ninja course
Compliance Manager Ninja
M365 Compliance One-Stop-Shop (OSS)
Self-guided site
Insider risk
Insider Risk Management Ninja
Communications
Communication Compliance Ninja
Information Protection and Governance certifications SC-400, SC-900
Additional resources
Find additional resources to
support you on your journey
Identity and endpoint workshops
Transition to cloud
Methodology Introduce the value of Microsoft 365,
highlighting scenarios to enable work from
anywhere securely, including Microsoft
Teams, securing mobile access,
foundational identity, and security.
Outcome Create intent for purchasing and deploying
Microsoft 365 E3.
Customer Customers without Office 365 or Microsoft
eligibility 365 AND >300 PCIB*
Customers on Office 365 with:
1000+ Exchange Online paid available
units (PAU)*
<20% Teams usage
Funding Up to $5,000 per workshop
aka.ms/PartnerAccelerators
Endpoint management Securing identities
Assess customers IT estate by using Assess customers identity security posture
Microsoft Endpoint Manager, Intune, using Secure Score and application
Azure AD, Autopilot, and Endpoint discovery assessments. Provide
analytics. Provide recommendations on recommendations to mitigate risk.
the best way to manage endpoints.
Create intent for moving from Office 365 to Create intent to migrate from AD FS* to
Microsoft 365. managed identities, from third-party
Identity provider to Azure AD* and
migrating application identity to Azure AD*
1000+ Exchange Online PAU* 800+ AADP PAU*
20%+ Teams usage 5%+ AADP usage
20%+ Exchange Online usage
<40% Intune usage
Up to $5,000 per workshop Up to $5,000 per workshop
*PCIB – Personal Computer Installed Base
*PAU – Paid Available Units
*AD FS – Active Directory Federation Services
*AADP – Azure Active Directory Premium
*Azure AD – Azure Active Directory
Security workshops

Threat protection Microsoft Sentinel Hybrid cloud security

Methodology Discover threats in a customer’s M365
cloud environment by using the Threat
Check license, and provide
recommendations to mitigate threat.
Discover threats in a customer’s M365
cloud environment by using Microsoft
Sentinel and Threat Check license, and
provide recommendations to mitigate
threat.
Discover threats and vulnerabilities in a
customer’s Azure, hybrid, and multi-cloud
environment. Provide recommendations to
mitigate.

Outcome Create intent for purchasing and deploying Create intent for purchasing and deploying Create intent for purchasing and deploying
M365 E5 Security. Microsoft Sentinel. Azure Defender and Network Security
products.

Customer 800+ AADP PAUs* 800+ AADP* paid available units (PAU*) Annual Azure consumption for servers,
eligibility 250+ monthly active units (MAU) for EXO, 250+ MAU* for EXO*, SPO*, or Teams SQL, and storage must be >$150,000 USD.
SPO, or Teams Azure Defender consumption is <4% of
total Azure consumption.

Funding Up to $5,000 per workshop Up to $2,500 per workshop Up to $5,000 per workshop

*PAU – Paid Available Units

*MAU – Monthly Active Usage
*EXO – Exchange Online
aka.ms/PartnerAccelerators *SPO – SharePoint Online
*AADP – Azure Active Directory Premium
*Azure AD – Azure Active Directory
Compliance workshops

Discover sensitive data Manage and investigate risk

Objective Discover sensitive data in the customers environment using Discover insider risk in a customer’s data by using the Data Risk
the Data Risk Check License, and provide recommendations Check license, and provide recommendations to mitigate risk.
to mitigate risk.

Outcome Create intent for purchasing and deploying E5 Compliance. Create intent for purchasing and deploying E5 Compliance.

Customer 800+ AADP* paid available units (PAU*) 800+ AADP paid available units (PAU*)
eligibility 250+ monthly active units (MAU*) for EXO*, SPO*, or Teams 250+ monthly active units (MAU*) for EXO*, SPO*, or Teams

Funding Up to $5,000 per workshop Up to $5,000 per workshop

*PAU – Paid Available Units

*MAU – Monthly Active Usage
*EXO – Exchange Online
*SPO – SharePoint Online
*AADP – Azure Active Directory Premium
aka.ms/PartnerAccelerators
Developed to ensure customers have the skilling and learning resources
available to stay educated in the world of complex cybersecurity attacks.

No matter a customer's role or experience level, the Microsoft Security Technical

Content Library enables you to support our customers, helping them grow their
skills and learn how to utilize the full breadth of Microsoft Security solutions.

• Use search filters

• Access content based on your needs
• Start learning today

Click here to access the

Microsoft Security Technical
Content Library.
Help your customers learn, get Microsoft certified, and join other security professionals
in the online Microsoft Security community. They can participate in discussions about
additional training and enablement, find key role resources, and more.

Join Certifications Resources Follow Us

Microsoft 365 Security, Compliance & Identity
Partners Yammer Community
Security, Compliance, and Identity –
Microsoft Tech Community
SC-900: Microsoft Security, Compliance, Microsoft Security Technical Content Library Microsoft Security on Twitter
and Identity Fundamentals Microsoft Security website Microsoft Azure Active Directory on Twitter
SC-100: Microsoft Cybersecurity Architect (beta)
Azure website Microsoft Security on LinkedIn
SC-200: Microsoft Security Operations Analyst Microsoft Security blog Microsoft Security YouTube channel
SC-300: Microsoft Identity and Access
Security documentation
Administrator
Microsoft Sentinel documentation
SC-400: Microsoft Purview Information
Protection Administrator Microsoft Learn for Security, Compliance,
and Identity
MS-900: Microsoft 365 Fundamentals
MS-500: Microsoft 365 Security Administration
AZ-900: Azure Fundamentals
AZ-500: Microsoft Azure Security Technologies
AZ-700: Designing and Implementing Microsoft
Azure Networking Solutions
Secure Remote Work Practice Development Playbook

Playbook Table of Contents

About this Playbook Operationalize
Market Opportunity Implement a Solution Delivery Process
Partner Practice Development Framework Accessibility and Digital Inclusion
Building a Teams Practice
Define Your Strategy Identity and Access Management (IAM)
Define the Practice Focus Device Deployment and Management
Benefits of Secure Remote Work Virtual Desktop Solutions
Understanding the Secure Remote Work Opportunity Key Contracts and Practice Tools
Teams Meetings, Calling, and Devices Use CRM to Grow the Business
Secure Remote Work Commercial Marketplace
Windows Virtual Desktop Customer Support
Define and Design the Solution Offer Support Options from Microsoft
Understanding Project-Based Services Support Ticket Setup and Tracking
Understanding Managed Services Troubleshooting Resources
Understanding Intellectual Property
Define Vertical Offerings Go to Market and Close Deals
Product Licensing and Strategy Options Buyer Engagement
Microsoft Programs Consultative Selling and Technical Pre-Sales
Define a Pricing Strategy Microsoft Technology Centers
Pre-Sales, Post-Sales, and Support Architecture Design Session (ADS)
Sales Compensation Planning Set Up Social Offerings
Awareness Internal customer and Advanced Specializations
Competencies
Hire & Train
Building Your Team Four emails in .OFT Three emails to share
Optimize and Grow
Role Descriptions format for you to send with customers, enabling
Partnering with Microsoft
Recruiting Resources Best Practices
to customers to make easy internal sharing
Preparing and Training Technical Staff
Certifications them aware of the with links to the self-
program and encourage guided skilling resources.
their participation.
https://aka.ms/remoteworkplaybook
Security Practice Development Playbook
Playbook Table of Contents
About this Playbook
The Security Opportunity
Define Your Strategy
Define Your Practice Focus
Understanding the Security Practice
Understanding Project Based Services
Deploy Microsoft Intune
Deploy Microsoft Sentinel
Deploy Azure Information Protection
Understanding and Accelerating Your Managed Service
Model
Understanding Intellectual Property
Define Vertical Offerings
Define Your Pricing Strategy
Identify Partnership Opportunities
Define Engagement Process
Stay Informed on Security & Compliance
Calculate Your Azure Practice Costs
Identify Potential Customers
Identify Solution Marketplace Platform
To provide feedback, email:
[email protected]
Understanding Customer Lifetime Value
https://aka.ms/cloudsecurityplaybook
Hire & Train
Hire, Build, and Train Your Team
Job Descriptions
Recruiting Resources
Training & Readiness
Competencies & Certifications
Operationalize
Implement a Solution Delivery Process
Define Customer Support Program & Process
Manage and Support and Azure Deployment
Support Ticket Setup and Tracking
Integrate Into a Marketplace
Implement Intellectual Property Offerings
Setup Social Offerings
Create Engagement Checklists & Templates
Go to Market and Close Deals
Marketing to the Security Buyer
Consultative Selling and Technical Pre-Sales
Architecture Design Session
Implement Proofs of Concept
Optimize and Manage
Change log
Stay updated on changes to this
resource
Change log
Month of May
• Added the Days of the Defenders page
• Added the Microsoft Canada Security page
Week of Mar 18
• Added the Securing the channel: journey to zero trust page.
• Added the Secure All the Things page.
• Added the Security Days page.
Week of Feb 18
• Added the Microsoft Priva page.
• Added the May Security Cloud Week page.
Week of Jan 18:
• Partner Events: added multiple webinars
• Added David Branscome biography page
Week of Dec 16:
• Top News: added Security Cloud Week slide & registration
• Partner Events: added Security Cloud Week registration
Week of Nov 11:
• Partner Events: added Elevate your Customers’ Security with Microsoft Defender for Business
Week of Nov 1:
• Information Protection & Governance Learning Journey: added Microsoft Purview Information Protection Ninja course
Thank you!