Red Team Tactics and Techniques, Workshops

CF03 Workshop: Red Teaming and Blue Teaming with Defender XDR

August 7th, 2026

8:00am - 5:00pm

Level: Intermediate

Dave Kawula

Principal Consultant

TriCon Elite Consulting

In this in-depth workshop, Dave Kawula, co-author of Red Teaming and Blue Teaming with Microsoft Defender XDR, will provide IT professionals with a practical foundation in both offensive and defensive cybersecurity strategies.

Red Teaming simulates real-world cyberattacks to uncover vulnerabilities before adversaries do. Blue Teaming focuses on detecting, responding to, and mitigating those attacks effectively.

Participants will begin by learning how to design and execute Red Team exercises using open-source tools such as Covenant C2 and Mimikatz. The workshop then shifts to the Blue Team perspective, where attendees will use Microsoft Defender XDR to detect, investigate, and respond to the simulated threats in real time.

By the end of the session, participants will have a clear, practical understanding of how offensive techniques work — and how to defend against them using Microsoft’s security ecosystem.

You will learn:

  • Core Red Teaming concepts and how simulated attacks are conducted using open-source tools
  • How to detect, investigate, and respond to these attacks using Microsoft Defender XDR
  • How to build and tune custom detections, alerts, and remediation workflows to strengthen real-world security defenses