hands-on lab

Secure Your Cloud with Microsoft Defender for Cloud

Up to 2h
Get guided in a real environmentPractice with a step-by-step scenario in a real, provisioned environment.
Learn and validateUse validations to check your solutions every step of the way.
See resultsTrack your knowledge and monitor your progress.


The security of your cloud environment should always be a leading concern. However, it can be challenging to stay on top of all the resources and changes in your environment. Azure provides Microsoft Defender for Cloud (previously Azure Security Center) to help lighten the burden of securing your cloud environment. Take advantage of automatic security audits and recommendations to secure your cloud with Microsoft Defender for Cloud in this lab. You will mitigate security risks identified by Microsoft Defender for Cloud in a pre-created cloud environment.

Lab Objectives

Upon completion of this lab, you will be able to:

  • Use Microsoft Defender for Cloud to identify the network, compute, storage, and application security risks in your Azure environment
  • Follow Microsoft Defender for Cloud's recommendations to mitigate risks
  • Resolve several common security issues

Lab Prerequisites

You should be familiar with:

  • Basic Azure resources, such as Subnets, Virtual Machines, and Network Security Groups

Lab Environment

Before completing the Lab instructions, the environment will look as follows:

After completing the Lab instructions, the environment should look similar to:



May 1st, 2024 - Updated the instructions and screenshots to reflect the latest UI

August 30th, 2023 - Resolved intermittent deployment issue

January 11th, 2022 - Updated screenshots to reflect the latest UI

December 2nd, 2021: Updated lab for Azure Defender/Azure Security Center re-branding to Microsoft Defender for Cloud.

December 2nd, 2021: Updated screenshots and instructions to reflect the latest Microsoft Defender for Cloud experience and capabilities.

September 22nd, 2021: Updated screenshots to reflect the latest Security Center experience and capabilities.

May 3rd, 2021: Updated screenshots to reflect the latest Security Center experience and capabilities.

July 1st, 2020: Added additional instructions to allow validation checks to pass even if Security Center has yet to detect the issues being resolved in the final lab step. Increased time limit as well.

May 22nd, 2020: Updated screenshots to reflect the latest Security Center experience. Also increased time limit to allow more time to wait for Security Center to scan the lab environment (it can take up to 30 minutes)

May 13th, 2020: Updated screenshots and added additional warnings about inherent Security Center delays that can temporarily make the list of recommendations appear empty.

April 12th, 2020: Added validation checks to check the work you perform in the lab

April 12th, 2020: Updated to reflect the latest Security Center experience and capabilities

November 11th, 2018: Updated the text and screenshots to match the latest Security Center experience

September 7th, 2018: Updated text and images to match the latest Azure experience

About the author

Logan Rakai, opens in a new tab
Lead Content Developer - Labs
Learning paths

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.

LinkedIn, Twitter, GitHub

Covered topics

Lab steps

Logging in to the Microsoft Azure Portal
Exploring Azure Security Center
Inspecting the Insecure Lab Resources
Understanding Microsoft Defender for Cloud Recommendations