4-Day Instructor-Led Programme
Build practical skills to detect, investigate, and respond to threats using Microsoft Sentinel and Defender XDR. Delivered through mentor-led sessions with practical scenarios aligned to SC-200 exam objectives.
Duration
4 Days
Price
$2,199
This programme equips learners with the practical capabilities required to operate effectively in a modern Security Operations Centre (SOC) using Microsoft’s security ecosystem. It focuses on real-world threat detection, investigation, and response using Microsoft Sentinel, Defender XDR, and integrated security tools.
Through mentor-led sessions and practical scenarios, participants learn how to triage alerts, investigate incidents, and proactively hunt for threats across cloud and hybrid environments. The course emphasises operational readiness, enabling learners to reduce organisational risk through faster and more accurate response actions.
Aligned with the SC-200 certification objectives, this course also builds strong analytical skills using Kusto Query Language (KQL), helping learners create detections, automate workflows, and improve overall security posture across enterprise environments.
Real SOC simulations using Sentinel, Defender XDR, and KQL queries.
Guided by experienced SOC analysts with real incident response scenarios.
Build job-ready threat detection, investigation, and response capabilities.
Analyse threats across cloud environments
Implement Sentinel detection rules
Investigate incidents using Defender XDR
Design KQL queries for detection
Evaluate security posture improvements
Communicate findings to stakeholders
Basic understanding of networking concepts
Familiarity with Microsoft Azure fundamentals
Awareness of cybersecurity principles
Organized by professional domains with comprehensive coverage
Master these in-demand skills through hands-on practice
A clear view of the roles this programme supports, what typically comes next, and where learners progress over time
Choose the learning format that works best for you and your team
Instructor-Led Training
Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
Price per person
Group enrolments and early planning options available.
All prices are exclusive of VAT where applicable. Group enrolments and custom packages available on request.
Not everyone learns best in a group. If you want focused guidance, faster clarity, and confidence you can use on the job, our 1-to-1 Fast-Track Training gives you private, mentor-led support tailored to your experience and goals.
"Many learners choose 1-to-1 when they want understanding, not memorisation."
Everything you need to know about the certification exams
This programme is aligned with the official exam objectives. Exam registration and certification are managed directly by the awarding body.
Credential
On successful completion of Microsoft Security Operations Training (SC-200), learners receive an Xcademia Certificate of Completion. This standalone certificate is issued directly by Xcademia and is aligned with globally recognised frameworks and best practices.
Everything you need to know about this course
This is a practitioner-level course; basic security and Azure knowledge is recommended.
Take the next step in your professional development
