Module 1: Understand how Microsoft Defender for Cloud supports AI security and governance in Azure
Microsoft Defender for Cloud plays a central role in securing AI workloads across Azure. Learn how Microsoft Defender for Cloud supports AI security across Azure. Explore the layers of an AI workload, the unique risks AI systems introduce, and the guardrails that protect model inputs and outputs. See how Microsoft Purview, Microsoft Entra ID, and Microsoft Foundry work together to support a unified security and governance strategy.
Module 2: Protect AI workloads with Microsoft Defender for Cloud
Microsoft Defender for Cloud helps secure AI workloads by combining discovery, posture management, and runtime protection in one platform. You'll learn how to enable the AI workloads plan, review insights in the Data & AI security dashboard, assess posture using Cloud Security Posture Management (CSPM), detect runtime threats with Cloud Workload Protection (CWP), and investigate incidents in Microsoft Defender XDR. These capabilities work together to identify configuration gaps, detect suspicious behavior, and provide end-to-end visibility across your AI environments.
Module 3: Configure and manage guardrails in Microsoft Foundry
Microsoft Foundry guardrails help secure AI workloads by applying configurable safety controls that evaluate both prompts and responses. You'll learn how to understand built-in safety models, test and refine guardrails, create blocklists, configure content filters, and validate that protections work as intended. These capabilities help organizations prevent unsafe or policy-violating interactions, protect sensitive data, and maintain trust in AI-assisted applications.
Module 4: Secure Microsoft Foundry environments
To secure Microsoft Foundry environments requires layered protections that control access, safeguard credentials, isolate network communication, and maintain visibility across connected resources. The approach includes defining access boundaries with Microsoft Entra ID and project roles, and integrating Key Vault for secret management. It also uses managed virtual networks, Private Link, and diagnostic logging to maintain privacy, visibility, and compliance. These practices create secure, traceable AI environments that support collaboration without compromising protection.
Module 5: Understand identity architecture for AI workloads
Identity architecture defines who can deploy, invoke, and manage AI workloads in Azure. Microsoft Entra ID governs access across management and data planes, authentication flows establish trust boundaries for AI endpoints, and role scope decisions determine blast radius. Identity types, role assignments, and scope boundaries shape AI security outcomes long before enforcement controls are applied.
Module 6: Implement access management for Azure resources
Explore how to use built-in Azure roles, managed identities, and RBAC-policy to control access to Azure resources. Identity is the key to secure solutions.
Module 7: Plan, implement, and administer Conditional Access
Conditional Access gives a fine granularity of control over which users and identities can do specific activities, access which resources, and how to ensure data and systems are safe—including AI agent identities managed through Microsoft Entra Agent ID.
Module 8: Manage Microsoft Entra Identity Protection
Protecting a user's identity by monitoring their usage and sign-in patterns ensure a secure cloud solution. Explore how to design and implement Microsoft Entra Identity protection.