Microsoft Trainings

SC-200: Microsoft Security Operations Analyst

SC-200 is a four-day course for security professionals responsible for threat detection, investigation, and response. It focuses on using Microsoft Sentinel, Microsoft Defender for Cloud, Microsoft Defender for Endpoint, and Microsoft 365 Defender. Participants learn how to investigate incidents, perform threat hunting with Kusto Query Language, configure data connectors, create detections, and automate responses. The course aligns with the Microsoft Certified: Security Operations Analyst Associate certification.

4 days
in person, virtual live
Certified by Microsoft

What you'll gain

Investigate threats with Microsoft Sentinel
Respond to incidents using Defender tools
Hunt threats with KQL queries
Configure SIEM and SOAR workflows

Next sessions

Upcoming dates you can join soon.

This course runs multiple times per year, onsite and online.

Tentative
EN
20 Apr - 23 Apr
Lausanne & Online
Virtual Live + Onsite

Key takeaways

  • Investigate and respond to security incidents

  • Use Microsoft Sentinel for SIEM and SOAR

  • Perform threat hunting with KQL

  • Mitigate threats across cloud and endpoints


Professional Testimonials

Henri perfectly filled in the gaps in our knowledge and tailored the course contents to our difficult schedules, many thanks!

Simon Baynes

BCMS manager

MSC MEDITERRANEAN SHIPPING COMPANY SA

Henri and Alexis conducted a focused, intensive four-day ISO/IEC 27001 Lead Implementer Course of immediate relevance to The Global Fund. Participants representing both IT and Risk are now better prepared to design and operationalise a corporate ISMS.

Andreas Tamberg

Senior advisors enterprise risk management

The Global Fund

Overall enjoyable training. To the point, and the trainer kept a clear focus.

Stephane Di Bari

Service operations manager

UNICC


Frequently Asked Questions

Get instant answers to common questions about this course from our expert trainers.

What does the SC-200 course focus on?

SC-200 focuses on investigating, responding to, and hunting cyber threats using Microsoft Sentinel and Microsoft Defender technologies.

Learn how to investigate, respond to, and hunt for threats using Microsoft Sentinel.

Expert Trainer


Who should attend the SC-200 Security Operations course?

SC-200 is designed for Security Operations Analysts responsible for monitoring, investigating, and responding to threats.

The course was designed for people who work in a Security Operations job role.

Expert Trainer


How does SC-200 use Microsoft Sentinel?

SC-200 uses Microsoft Sentinel as the central SIEM and SOAR platform for detection, investigation, and response.

Configure and use Microsoft Sentinel.

Expert Trainer


What role does KQL play in SC-200?

SC-200 uses KQL to query logs, analyze threats, build detections, and perform threat hunting.

Utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting.

Expert Trainer


How does SC-200 address threat hunting?

SC-200 covers proactive threat hunting using Microsoft Sentinel queries, bookmarks, livestream, and notebooks.

Perform threat hunting in Microsoft Sentinel.

Expert Trainer


All sessions

Browse every upcoming session for this course.

1 session
Next session
20 Apr–23 Apr · Lausanne & Online · EN
SC-200: Microsoft Security Operations Analyst
Tentative

SC-200: Microsoft Security Operations Analyst

Session: EN
Materials: EN / FR
20 Apr-23 Apr
4 days
Virtual-Live + Onsite
Lausanne & Online
€ Contact us for pricing