Now Available !

Microsoft 365 Security for IT Pros

A Deep-dive guide for securing Microsoft 365 services

[eBook] Microsoft 365 Security for IT Pro

This book, which focuses on all things security from the Microsoft 365 stack of solutions and services, aims to deliver practical content laced with real-world examples.

This book will follow the same model as the highly-popular “Office 365 for IT Pros“-book. Some of you might already be familiar with the format. Our goal is to issue monthly updates of the book! The book’s website will be the vehicle through which we will announce the updates and keep track of what’s changed month after month. Once a year, we will release a completely new version. To be able to do this, we will only offer the book in e-format; no printed copies are available.

Security Experts and Microsoft MVPs

Meet The Authors

As a Microsoft Certified Solutions Master (MCSM) and MVP from Belgium, Michael is one of the few people worldwide to hold both the certification and award at the same time. He specializes in Cloud Security & Compliance, Identity Management, Messaging and Collaboration.Besides writing about technology for a variety of tech websites, Michael co-authored several books including the first four editions of the ‘Office 365 for IT Professionals’ e-book.

Blog: Michael Van Horenbeeck

Microsoft MVP, C|EH, MCSM, CCSK

Peter is a freelance Consultant and Microsoft Certified Trainer at Daalmans Consulting with a primary focus on the Microsoft Endpoint Manager and Enterprise Mobility. Peter is awarded every year since 2012 as a Microsoft Enterprise Mobility. Peter writes blogs and sharing his knowledge on his blog Peter is also one of the founders and leads of the Windows Management User Group Netherlands. Peter speaks often at local and international events and conferences.

Blog: Peter Daalmans

Microsoft MVP MCT, Workplace Consultant/Architect, Freelancer

Leading expert on cybersecurity and cloud computing with over fifteen years of experience working with international enterprises. As a cloud security architect, Ammar helps organizations in their cloud migrations by adopting security best practices across the globe. He regularly writes and consults on variety of technical and security topics and runs Ammar Hasayen

CISSP, CISM, Microsoft MVP MCT, Pluralsight Author

Ahmed Nabil has more than 18 years of experience in the field of IT and holds several professional IT certifications from Microsoft, CISCO, ISACA, ISC2, PMI, CWNP, PECB and EC- Council. Ahmed is an industry expert in Information Security and Digital Transformation, public speaker at several international conferences all over the world and author of several articles published in different international security magazines.

Blog: Ahmad Nabil

Microsoft MVP, CCISO, CISSP, CISM, ISO 27001 LI/LA | CCISO Advisory Board

Thomas is an community enthusiast participating in Azure, Office 365 and EM+S projects.Besides the product knowledge and field experience Thomas is seen as a strategic and commercial IT professional with great communicative and people skills. Amongst all this he has proven leadership skills and enjoys public speaking about all this! Besides protecting, detecting and responding to threats, he’s a true foody and big wine enthusiast. He’s the founder of the international start-up Nedscaper with a main focus on Azure Sentinel.

Blog: Thomas Verwer

Founder at Nedscaper, Freelancer

Thijs is a passionate Modern Workplace Consultant, born and raised in Belgium. He currently works at The Collective Consulting as a Microsoft 365 Consultant where he focuses on Client Management, Security and Automation.In his free time, Thijs is active on the Microsoft TechCommunity where he spreads knowledge and helps other people. On his blog,, he shares insights and tips on topics ranging from Microsoft Endpoint Manager to Azure Sentinel and Logic Apps.

Blog: Thijs Lecomte

Microsoft 365 Consultant -

What to expect from this book?

we aim to deliver practical content which comes from extensive real-world experience. We mix deep-dives with an overview of the different capabilities so that you have a solid foundation and understanding of the platform’s capabilities.

The book is never finished. If we were to cover all security features of Microsoft 365 before releasing the book, we would never get to publish it in the first place!

As we update the book, we will also be adding new content. In the coming releases (over the next few months), you can expect more information to be included in the existing chapters, and you can expect new chapters. The author team is already working hard to deliver to you a world-class Azure Sentinel-chapter along a brand new chapter on Office Advanced Threat Protection.

If there is anything you believe is missing from the book, or would like to see covered (in more depth), feel free to send us a message at feedback[at] We’ll be happy to take it into consideration!

What You'll Learn?

Explore the content of this book and get peak on what's inside

chapter 2

Securing Identities

Azure AD Protection Options

Identity Protection analyzes signals from each sign-in, both real-time and offline, and calculates a risk score to help you mitigate the risk of leaked credentials and compromised identities.

Identity Protection

Identity Protection analyzes signals from each sign-in, both real-time and offline, and calculates a risk score to help you mitigate the risk of leaked credentials and compromised identities.

Azure AD Advanced Security

Everything from Azure AD Conditional Access, Role-based Access Control (RBAC), Privileged Identity Management, Azure Advanced Threat Protectoin (Azure ATP), Identitiy Secure Score, and Passwordless Authentication

chapter 3

Microsoft Intune


App Protection vs Mobile Device Management | BYOD vs Corporate Owned Devices

Full guide on Onboarding devices to Microsoft Intune

Apple iOS and Android Security Concepts | Apple macOS Security Concepts

Windows Security Concepts and Endpoint security and compliance | Threat Protection

chapter 4

Microsoft Defender ATP

Full Architecture view on Defender ATP | Features and Requirements

Learn how the product works inside out with a deep dive into the Defender ATP architecture and the power of machine learning 

Comprehensive Overview of the Full Feature set

Explore in deep details how each feature works including Threat & Vulnerabiltity Management, Attack Surface Reduction, Next Generation Protection, EDR and Auto IR, Advanced Hunting, Threat Analytics and Treat Experts

The Era of Endpoint Detect and Response

Deep dive into the details of how Microsoft Defender ATP detect zero-day attacks using machine learning and the power of the cloud and how to automate remediation activities.

chapter 5

Cloud App Security

Discovering cloud applications (Shadow IT)

Igesting network traffic logs, automatically uploading log files, creating continuos reports, and interpreting discovery reports.

Monitoring and security activities

Connecting applications via MCAS App Connectors, using policies to monitor and control cloud applications, investgating events and more.

Third-Party Integrations and Real-world Scenarios

Integrating with Azure Sentinel, integrating with a third-party SIEM, building API integrations, and monitoring usage of sensitive or highly privileged accounts.

chapter 6

Microsoft Threat Protection

Introducing Microsoft Threat Protection

Microsoft Threat Protection is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.

Investigating Alerts and Incidents

Deep dive into the investigation of incidents and alerts, exploring the Microsoft 365 Security Center and hunting for threats.

Microsoft Secure Score

Microsoft Secure Score is a numerical summary of your security posture based on system configurations, user behavior and other security related measurements.

chapter 7

Microsoft Information Protection


The need for Information Protection | Enabling Microsoft Information Protection

Rights Management | Flow of Protection | Enabling Email Protection

Office 365 Message Encryption | Sensitivity Labels Deep Dive

Protecting SharePoint Online and Onedrive for Business

ebook Extra

Get Monthly Updates for Free!

Our goal is to issue monthly updates of the book! This means you will get all the new content and book updates for free. With such agile publishing approach, you will continuously get value from this publication as new product features get published.

Send us your feedback

Your feedback is crucial to us. Have you spotted an error (both technically, or grammatically)? Well, don’t hesitate to reach out to us at feedback at We’ll make sure your feedback is heard and that it will be included in future updates.

Access the ebook change log

We are updating the ebook every month, so make sure to check the change log

Ammar Hasayen

Be The First To Know

Don't worry, I will not send you spam. Join today to be the first to learn about key updates and videos. You can unsubscribe anytime.

You have Successfully Subscribed!

Pin It on Pinterest