home > training > SC-5006v2: Enhance Security Operations by Using Microsoft Security Copilot (v2)

SC-5006v2: Enhance Security Operations by Using Microsoft Security Copilot (v2)

Is it right for your organization?

$695  |  $0 (With Winter Promo Discount)   With Promotional Discount

  • 1 Day
  • MOC: SC-5006
  • Included in the "all-you-can-eat" Microsoft Live Training Subscription Learn More

Interface Gold™Gold Benefits: Retake this course for one year. Money-back guarantee. Price Match available. Replay™ class recordings are not included due to licensing restrictions. MS SubscriptionIncluded in the "all-you-can-eat" Microsoft Live Training Subscription.

Dates Available
Class Time
Guaranteed
to Run
Attend
Live Online
Rewatch with
Replay™
 
Oct 31
This class date is Guaranteed to Run and will not change.
Guaranteed To Run
Attend Live Online
Nov 21
This class date is Guaranteed to Run and will not change.
Guaranteed To Run
Attend Live Online
Register today - no risk!  No cancellation fees.  Full money back guarantee!
x
Course:
  • This field is for validation purposes and should be left unchanged.

Course Description

In this 1-day class, you will get a clear introduction to the principles of generative AI and how it is reshaping the cybersecurity landscape. You will gain an understanding of the advanced capabilities and implementation costs of Microsoft Security Copilot. By the end of the course, you’ll be able to evaluate whether Microsoft Security Copilot aligns with your organization’s security strategy and delivers measurable value.

Outline

Module 1: Introduction to generative AI concepts

In this module, you explore the way in which language models enable AI applications and services to generate original content based on natural language input. You also learn how generative AI enables the creation of agents that can assist humans in creative tasks.

Lessons

  • What is generative AI?
  • How do language models work?
  • Understanding how transformers advance language models
  • Understanding differences in language models
  • Improve prompt results
  • Create responsible generative AI solutions

Exercise

  • Explore generative AI agent scenario

 

Module 2: Describe Microsoft Security Copilot

Get acquainted with Microsoft Security Copilot. You are introduced to some basic terminology, how Microsoft Security Copilot processes prompts, the elements of an effective prompt, and how to enable the solution.

Lessons

  • Get acquainted with Microsoft Security Copilot
  • Describe Microsoft Security Copilot terminology
  • Describe how Microsoft Security Copilot processes prompt requests
  • Describe the elements of an effective prompt
  • Describe how to enable Microsoft Security Copilot

Exercise

  • None

 

Module 3: Describe the core features of Microsoft Security Copilot

Microsoft Security Copilot has a rich set of features. Learn about available plugins, promptbooks, the ways you can export and share information from Copilot, and much more.

Lessons

  • Describe the features available in the standalone experience of Microsoft Security Copilot
  • Describe the features available in a session of the standalone experience
  • Describe workspaces
  • Describe the Microsoft plugins available in Microsoft Security Copilot
  • Describe the non-Microsoft plugins supported by Microsoft Security Copilot
  • Describe custom promptbooks
  • Describe knowledge base connections

Exercise

  • None

 

Module 4: Describe the embedded experiences of Microsoft Security Copilot

Microsoft Security Copilot is accessible directly from some Microsoft security products. This is referred to as the embedded experience. Learn about the scenarios supported by the Copilot embedded experience in Microsoft’s security solutions.

Lessons

  • Describe Copilot in Microsoft Defender XDR
  • Copilot in Microsoft Purview
  • Copilot in Microsoft Entra
  • Copilot in Microsoft Intune
  • Copilot in Microsoft Defender for Cloud (Preview)

Exercise

  • None

 

Module 5: Describe Microsoft Security Copilot agents

Automate threat detection and response with Microsoft Security Copilot agents—AI-powered tools that streamline cybersecurity operations, reduce manual workloads, and scale protection across your digital environment.

Lessons

  • Describe Microsoft Copilot Security agents
  • Describe the Threat Intelligence Briefing Agent
  • Explore the Threat Intelligence Briefing Agent
  • Describe the Conditional Access Optimization Agent
  • Explore the Conditional Access Optimization Agent
  • Describe the Phishing Triage Agent

 

Module 6: Explore use cases of Microsoft Security Copilot

Explore use cases of Microsoft Security Copilot in the standalone and embedded experiences, through lab-like exercises.

Lessons

  • Introduction

Exercises

  • Explore the first run experience
  • Explore the standalone experience
  • Explore Security Copilot workspaces
  • Configure the Microsoft Sentinel plugin
  • Enable a custom plugin
  • Explore file uploads as a knowledge base
  • Create a custom promptbook
  • Explore the capabilities of Copilot in Microsoft Defender XDR
  • Explore the capabilities of Copilot in Microsoft Purview
  • Explore the capabilities of Copilot in Microsoft Entra
Audience

This course is targeted at cybersecurity professionals interested in getting started with Microsoft Security Copilot, including security analysts, security admins, and SOC managers.

The person taking this course is looking to familiarize themselves with the functionality of Microsoft Security Copilot in both the standalone and embedded experiences.

Prerequisites

They should have working knowledge of:

  • Security operations and incident response.
  • Experience with Microsoft security products and services.
  • And is interested in learning how Microsoft Security Copilot, an AI-powered security analysis tool, can help them process security signals and respond to threats more quickly.
What You Will Learn
  • Explain the fundamentals of generative AI and the role of large and small language models in security operations.
  • Describe Microsoft Security Copilot’s features, capabilities, and terminology.
  • Onboard and configure Security Copilot, including provisioning capacity, setting environments, and assigning roles.
  • Navigate the standalone Copilot experience, including sessions, promptbooks, plugins, and workspaces.
  • Apply Copilot in embedded contexts such as Microsoft Defender XDR, Microsoft Purview, Microsoft Entra, Microsoft Intune, and Microsoft Defender for Cloud.
  • Leverage Security Copilot agents (such as the Threat Intelligence Briefing Agent and Phishing Triage Agent) to automate repetitive tasks and reduce workloads.
  • Conduct guided, simulation-based exercises to reinforce hands-on understanding of Copilot’s use in real-world scenarios.
  • Integrate Copilot Security with 3rd party XDR and SOAR ecosystems (Crowdstrike Falcon, Palo Alto, SentinelOne, Cisco, Trend Micro, Shodan, CyberArk, and CrowdSec to name a few.)
  • Estimate the cost of deploying Microsoft Security Copilot within your organization.