Red Team Tactics and Techniques, Workshops

CRM02 Workshop: Red Teaming and Blue Teaming with Defender XDR

11/17/2025

8:30am - 5:30pm

Level: Intermediate

Émile Cabot

Microsoft MVP

Principal Consultant

TriCon Elite Consulting

Dave Kawula

Principal Consultant

TriCon Elite Consulting

In this workshop, Dave Kawula and Émile Cabot, authors of Red Teaming and Blue Teaming with Microsoft Defender XDR, provide IT professionals with a foundational understanding of Red Teaming concepts and of how to defend against Red Team attacks using Microsoft Defender XDR. Red Teaming focuses on simulating real-world cyberattacks to identify vulnerabilities, while Blue Teaming involves defending and responding to these threats. Attendees will learn how to set up and run Red Team exercises using open-source tools such as Covenant C2 and Mimikatz, and then transition to Blue Team practices, where they will utilize Microsoft Defender XDR to detect, alert, and respond to simulated threats.

By the end of the session, participants will have a clear understanding of both offensive and defensive cybersecurity techniques.

You will learn:

  • Basic Red Teaming concepts and how simulated attacks are performed using open-source tools.
  • How to defend against these attacks from a Blue Team perspective using Microsoft Defender XDR for detection, alerting, and response.
  • Skills to build and tune custom detections, alerts, and remediation workflows to strengthen cybersecurity defenses in real-world environments.