Next episode graphic

Next episode on September 25

Join us on September 25, 2023 at 9:00AM PT for the next Virtual Ninja Training!

Add to calendar
Watch on demand graphic

Watch on demand

Watch past episodes on demand, and catch up for the next Ninja training.

Watch now
Download backgrounds graphic

Download Ninja Cat backgrounds

Add Ninja Cat to your Microsoft Teams meeting using our collection of backgrounds.

Download collection


Episodes on demand

Live response

September 20, 2023 Season 5 Episode 4

We’re on with Product Manager Lior Liberman and Senior Software Engineer Ameer Tabony to discuss the highly anticipated Live response feature. We will define what it is; learn which platforms support it today; and talk scripts, service limitations, and more. Join us as we share a powerful demo showcasing the script library and learn how analysts can use this tool to their advantage.

View this episode's Q&A

Guest:

Ameer Tabony

Ameer Tabony

Microsoft

Lior Liberman

Lior Liberman

Microsoft

Integrating Microsoft 365 Defender with Azure Logic Apps

September 18, 2023 Season 5 Episode 3

A returning guest from season 4, Christos Ventouris, explains the powerful integration of Microsoft 365 Defender with Azure Logic Apps. Learn how these two platforms can automate and optimize your incident response, enhance cybersecurity infrastructure, and improve organizational resilience.

View this episode's Q&A

Guest:

Christos Ventouris

Christos Ventouris

Microsoft

Microsoft Defender for Endpoint configuration management deep dive

September 13, 2023 Season 5 Episode 2

We’re back with Dan Levy for an in-depth explanation of the Microsoft Defender for Endpoint feature updates introduced in our last episode. Join us to understand what happens on a device that is managed using multiple tools and channels, get recommendations for managing permissions between the Microsoft 365 Defender and Microsoft Intune portal, streamline grouping and targeting efforts, and learn how to mitigate unsupported scenarios.

View this episode's Q&A

Guest:

Dan Levy

Dan Levy

Microsoft

What’s new in the Microsoft Defender for Endpoint configuration management space?

September 11, 2023 Season 5 Episode 1

Join our season 5 opener to catch up on major Microsoft Defender for Endpoint feature updates in public preview. Senior Product Manager Dan Levy presents what’s new in this space, such as endpoint security policies being available in the Microsoft 365 Defender portal; explains how these updates improve the day-to-day activities of security admins.

View this episode's Q&A

Guest:

Dan Levy

Dan Levy

Microsoft

New Microsoft Teams protection

June 27, 2023 Season 4 Episode 8

Celebrate season 4 with us as we venture into our last episode with Daniel Mozes and Malvika Balaraj. We catch up on the latest Microsoft Teams protection features, understanding how they work and how to use them firsthand through a superb demo. You also get to explore the product roadmap to discover where things are headed when it comes to additional protection in Microsoft Teams.

View this episode's Q&A

Guest:

Daniel Mozes

Daniel Mozes

Microsoft

Malvika Balaraj

Malvika Balaraj

Microsoft

Near-real-time detections in Microsoft 365 Defender

June 22, 2023 Season 4 Episode 7

Learn about Microsoft 365 Defender’s exciting public preview feature – near real-time (NRT) custom detection rules. Senior Product Manager, Christos Ventouris, dives into the value of these detections and how they can be leveraged to allow you to keep up with attackers and mitigate threats as fast as possible.

View this episode's Q&A

Guest:

Christos Ventouris

Christos Ventouris

Microsoft

Simplified SaaS Security deployment with Microsoft Defender for Cloud Apps

June 20, 2023 Season 4 Episode 6

Senior Product Manager Keith Fleming brings you up to speed on the evolution and growth of Microsoft Defender for Cloud Apps. Learn about the significance of shifting from the traditional CASB to a SaaS security perspective and get to know the few simple steps it takes to enable Defender for Cloud Apps in your environment.

View this episode's Q&A

Guest:

Keith Fleming

Keith Fleming

Microsoft

Incident response: investigating a ransomware incident Part 2

June 15, 2023 Season 4 Episode 5

Just like that, our mini-series wraps up! Corina is back to provide an epic finale to our ransomware investigation. A continuation of the previous episode, here she shows how to remediate and prevent future ransomware attacks against your organization.

View this episode's Q&A

Guest:

Corina Feuerstein

Corina Feuerstein

Microsoft

Incident response: investigating a ransomware incident Part 1

June 13, 2023 Season 4 Episode 4

Join our first incident response investigation focused on a ransomware attack. Tune into our discussion with Principal Product Manager Corina Feuerstein as she unveils the various components of an attack and the containment measures to take when you have been affected.

View this episode's Q&A

Guest:

Corina Feuerstein

Corina Feuerstein

Microsoft

Incident response: business email compromise

June 8, 2023 Season 4 Episode 3

Principal Security Researcher Pawel Partyka continues our incident response studies as he shares the necessary skills to manage business email compromise incidents like an expert using Microsoft 365 Defender.

View this episode's Q&A

Guest:

Pawel Partyka

Pawel Partyka

Microsoft

Incident response: malware investigations

June 6, 2023 Season 4 Episode 2

Deepen your incident response knowledge with this episode, focused on malware investigations. DEX-XDR threat hunter and Principal Security Researcher Michael Melone introduces you to the incident response playbook for managing malware incidents effectively.

View this episode's Q&A

Guest:

Michael Melone

Michael Melone

Microsoft

Incident response: investigation capabilities in Microsoft 365 Defender

June 1, 2023 Season 4 Episode 1

Season 4 begins with our first mini-series, focused on incident response. In this episode, Oren Saban shares how to efficiently pivot through an incident in Microsoft 365 Defender. His demo will equip you with tools to investigate incidents efficiently, focus on affected entities, and defend against threats in your environment.

View this episode's Q&A

Guest:

Oren Saban

Oren Saban

Microsoft

Identity threat detection and response

March 30, 2023 Season 3 Episode 10

We’re wrapping up season 3 by adding another acronym to your repertoire! Or Tsemah breaks down what identity threat detection and response (ITDR) is and how this tool protects one of our most valuable and difficult-to-protect assets, our identities. Come with us as we dig into the importance of threat detection and response in the Microsoft 365 Defender portal, investigate some cyberattacks, and learn how to identify identities that pose threats to your environment.

Guest:

Or Tsemah

Or Tsemah

Microsoft

Attack disruption

March 29, 2023 Season 3 Episode 9

Cyber Security Principal Product Manager Hadar Feldman is with us for a comprehensive walkthrough of the many capabilities in Microsoft 365 Defender that help disrupt attacks. Join us to learn more on how Microsoft 365 Defender automatically detects, disrupts, and defends against attacks.

Guest:

Hadar Feldman

Hadar Feldman

Microsoft

Get to know the Microsoft Defender Vulnerability Management Premium Capabilities

March 27, 2023 Season 3 Episode 8

Here we examine the Microsoft Defender Vulnerability Management key components alongside security professional, Brandon Lawson. We’re defining several critical assessments, applications, and analyses so you can more confidently understand how to protect and defend your environment.

Guest:

Brandon Lawson

Brandon Lawson

Microsoft

Microsoft Defender for Identity and Defender for Endpoint: Better together

March 23, 2023 Season 3 Episode 7

Led by security professional Daniel Naim, this episode explains the advantages of using Microsoft Defender for Identity and Defender for Endpoint together. Through a demo in the Microsoft 365 Defender portal, Daniel highlights how this unified product experience helps customers protect their organization’s identities and improve their overall security posture.

Guest:

Daniel Naim

Daniel Naim

Microsoft

SaaS security posture management (SSPM)

March 21, 2023 Season 3 Episode 6

Join us as we learn about Microsoft Defender for Cloud Apps SSPM. David Mallett simplifies the initial deployment of this security feature, guides us through the integration of SaaS security and cloud access security brokers, and even explains how to avoid misconfigurations. Tune in to this episode as we learn why security posture is crucial for any organization.

Guest:

David Mallet

David Mallet

Microsoft

Mobile Threat Defense

March 20, 2023 Season 3 Episode 5

Product expert, Yuji Aoki, shares key threat defense capabilities within Microsoft Defender for Endpoint for iOS and Android. From a complete onboarding walkthrough to a live demo to showcase the user experience, don’t miss these insights on how to best protect your mobile devices.

Guest:

Yuji Aoki

Yuji Aoki

Microsoft

Defender Experts for Hunting Overview

March 16, 2023 Season 3 Episode 4

Learn about Microsoft Defender Experts for Hunting—a service that proactively looks for threats 24/7/365, prioritizing significant threats and improving your SOC’s overall responsiveness. Join the conversation, where product experts Steve Lee and Elisa Lippincott discuss the Defender Experts for Hunting service and other essential threat-hunting capabilities.

Guest:

Elisa Lippincott

Elisa Lippincott

Microsoft

Steve Lee

Steve Lee

Microsoft

Microsoft Sentinel integration

March 14, 2023 Season 3 Episode 3

Together with Sentinel in the Field host Javier Soriano, we provide an overview of Microsoft Sentinel and discuss the integration points within Microsoft 365 Defender, showcasing bidirectional synchronization of incidents, demonstrating how to stream advanced hunting tables to Microsoft Sentinel, and examining remediation playbooks for Microsoft 365 Defender.

Guest:

Javier Soriano

Javier Soriano

Microsoft

Mastering Email Authentication and Slashing Overrides Part 2

March 9, 2023 Season 3 Episode 2

Dive deeper into Microsoft Defender for Office 365 to better understand the complexities behind false-positives and false-negatives in email. Part 2 of this series outlines practices you can put in place now to prevent malicious, spam, or phishing emails in your environment.

Guest:

Paul Newell

Paul Newell

Microsoft

Mastering Email Authentication and Slashing Overrides Part 1

March 7, 2023 Season 3 Episode 1

Paul Newell shares the importance of using Microsoft Defender for Office 365 to implement email authentication practices. Find out how poor practices can cause false-positives, how overrides can cause false-negatives, and how standards can affect your organization’s incoming email.

Guest:

Paul Newell

Paul Newell

Microsoft

Microsoft 365 Defender MVP special

December 21, 2022Season 2Episode 9

In this special episode, Heike and colleagues talk with two of our MVPs to discuss their experience as MVPs. They’ll even share tips and tricks so that you can become an MVP, too! This episode is the perfect way to round out the year.

Guests:

Katie Ryckman profile picture

Katie Ryckman

Microsoft

Ben Harris profile picture

Ben Harris

Microsoft

Urja Gandhi profile picture

Urja Gandhi

Microsoft

Enterprise IoT overview

December 14, 2022Season 2Episode 8

Discover how Microsoft Defender for IoT can help enterprises monitor assets and risks across their entire IoT environment. Join us as our expert, Nimrod Aldaag, talks about the lates product capabilities.

Guest:

Nimrod Aldaa profile picture

Nimrod Aldaag

Microsoft

Microsoft Defender for Cloud Apps deep dive

December 2, 2022Season 2Episode 7

Caroline Lee is back to give you a deeper dive into Microsoft Defender for Cloud Apps, including capabilities such as information protection, user scoring, Advanced Hunting, and app governance. Don’t miss this one!

Guest:

Caroline Lee profile picture

Caroline Lee

Microsoft

Microsoft Defender for Cloud Apps Overview

November 30, 2022Season 2Episode 6

Caroline Lee joins us to give you a guided tour of Microsoft Defender for Cloud Apps. Learn how discovery works, dive into connectors, learn to define policies, and more.

Guest:

Caroline Lee profile picture

Caroline Lee

Microsoft

Microsoft 365 Defender overview

November 16, 2022Season 2Episode 5

Microsoft 365 Defender is an integrated, cross-domain threat detection and response solution that provides coordinated, automatic defense to block threats before they become attacks. Join us to get to know the components and capabilities of Microsoft 365 Defender.

Guest:

Kim Kischel profile picture

Kim Kischel

Microsoft

Microsoft Defender for Endpoint on Linux

November 9, 2022Season 2Episode 4

Resident Microsoft Security expert John Nix discusses the end-to-end process for installing, configuring, and managing Microsoft Defender for Endpoint on the Linux devices in your enterprise that use.

Guest:

John Nix profile picture

John Nix

Microsoft

Spearfishing and phishing defense

November 2, 2022Season 2Episode 3

Discover the best ways to defend your enterprise email against general and targeted phishing attacks in Microsoft Defender for Office 365.

Guest:

Ben Harris profile picture

Ben Harris

Microsoft

Microsoft Defender for Endpoint on macOS

October 26, 2022Season 2Episode 2

Security expert and threat hunter Michael Malone describes the installation, configuration, and management of Microsoft Defender for Endpoint on macOS devices.

Guest:

Michael Melone profile picture

Michael Melone

Microsoft

Attack simulation training

October 19, 2022Season 2Episode 1

Attack simulation training is an intelligent phish risk reduction tool that empowers employees to prevent attacks, measures their awareness of phishing risks, and provides actionable insights and recommendations that can change their behavior. Learn how to use attack simulation training right in Microsoft Defender for Office 365.

Guest:

Brandon Koeller profile picture

Brandon Koeller

Microsoft

Reporting in Microsoft Defender for Endpoint

Season 1Episode 9

Discover the out-of-the-box reporting capabilities you get with Microsoft Defender for Endpoint, and learn how they can help you spot trends in your environment. You’ll also learn how to use Power BI and Microsoft Defender for Endpoint rich APIs to extend these capabilities.

Guest:

Jake Mowrer

Jake Mowrer

Microsoft

Microsoft Threat Experts

Season 1Episode 8

Microsoft Threat Experts provide your security operations center with expert-level monitoring, analysis, and support to identify and respond to critical threats in your unique environment. In this episode, we discuss how this service works and how to get started with Experts on Demand.

Guest:

Steve Newby

Steve Newby

Company

Automated investigation and response

Season 1Episode 7

Automated investigation and response uses inspection algorithms to examine alerts, determine whether the threat requires action, and perform necessary remediation actions. Learn how automation handles and resolves alerts, enabling security operations experts to focus on more sophisticated threats and other high-value initiatives.

Guest:

Jesse Esquivel

Jesse Esquivel

Microsoft

The investigation experience

Season 1Episode 6

The incidents queue provides high-level information about each incident and is the starting point for your threat investigations. In this episode, we bring you a deeper look into working with incidents and alerts, the rich machine time line, and various other tools that enhance your investigation experience.

Guest:

Michael Melone

Michael Melone

Microsoft

Next-generation protection

Season 1Episode 5

Microsoft Defender Antivirus is a major component of Microsoft Defender for Endpoint. This next-generation protection brings together machine learning, big data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect endpoints in your organization. Learn how Microsoft’s next-generation antivirus help secure your devices.

Guest:

Paul Huijbregts

Paul Huijbregts

Microsoft

Attack surface reduction

Season 1Episode 4

Learn about the features in Microsoft Defender for Endpoint that help you eliminate risks by reducing your attack surface—without reducing user productivity. In this session, we show you how attack surface reduction can minimize your organization’s susceptibility to cyber threats and attacks.

Guest:

Jeff Cook

Jeff Cook

Microsoft

Threat and vulnerability management

May 23, 2022Season 1Episode 3

Threat and vulnerability management discovers vulnerabilities and misconfigurations on your endpoints and provides actionable insights that help you quickly remediate threats and vulnerabilities in your environment. Learn how you can use the threat and vulnerability management in Microsoft Defender for Endpoint to improve your organization’s security posture.

Guest:

Mark Thomas

Mark Thomas

Microsoft

Get started with Microsoft Defender for Endpoint

May 18, 2022Season 1Episode 2

In this episode, we dive into the most common features and scenarios to help get you started fast with your tenant. You get an overview of your control center: the unified Microsoft 365 Defender portal, role-based access control, granting permissions, and the built-in evaluation lab.

Guest:

Dean Pickering

Dean Pickering

Microsoft

Resources:

Start your trial

Get to know Microsoft Defender for Endpoint

May 16, 2022Season 1Episode 1

Microsoft Defender for Endpoint is a comprehensive solution for preventing, detecting, and automating the investigation of and response to threats against endpoints. Join us for this first episode to get to know Microsoft Defender for Endpoint components and capabilities.

Guest:

John Nix

John Nix

Microsoft

Resources:

Episode 1 (PPTX)

Backgrounds Download all backgrounds






Videos