Read as
Last updated: April 29, 2026
Exchange + SharePoint + Teams + Power Platform hardening, Defender stack, Purview, IR in M365.
Microsoft 365 — Exchange Online, SharePoint, Teams, OneDrive — sits on top of Entra ID and is the email + collaboration layer for most enterprises. It is also the most common entry point for attackers in 2026: phishing → credential or session theft → mailbox exfil → BEC fraud or lateral movement to Azure. This module covers the M365 security posture, Exchange-specific controls, and the Microsoft Defender stack.
The M365 attack surface
- Authentication: Entra ID — covered in M1; the foundation
- Email: Exchange Online — phishing in/out; mailbox exfil; BEC; auto-forward abuse
- File sharing: SharePoint, OneDrive — overshared documents, external sharing, link sprawl
- Collaboration: Teams — channels, files, external guest access
- Apps: Power Platform (Power Apps, Power Automate) — citizen-developed apps with broad data access
- Endpoints: managed via Intune; Defender for Endpoint integration
Want this for your team?
Custom team training + practitioner advisory
Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.
Book team training call
Replies in 4 working hrs · India-only · Senior consultants