This article summarizes our available Security Adoption Framework (SAF) workshops.
What are SAF workshops?
Security adoption is complex and time-consuming. Our SAF workshops focus on high-level security strategy and business alignment to help business and security leaders navigate complexity, and accelerate security modernization with technical expertise, security maturity models, reference plans, architectural deep dives, assessments, and more.
Tip
Our Security Adoption Framework (SAF) workshops align with the detailed guidance in our structured security adoption model.
What SAF workshops do we have?
We offer all of our SAF workshops as expert-led. We also provide a subset of self-help resources for some popular workshops.
- Expert-led: Expert-facilitated workshops that focus on security architecture, strategy, and technology adoption. They're available as Microsoft Unified engagements.
- Self-led: We publish free videos and downloadable files for some workshops. Use these self-service resources to accelerate your organization's security journey without a formal engagement.
Expert-led workshops (Microsoft Unified)
There are a two types of SAF workshops available through Microsoft Unified.
- Security Architecture and Strategy workshops that focus on how to build security disciplines using technical strategy, architecture, and processes.
- Technology Adoption workshops that accelerate realization of security strategy with education, product architecture, onboarding assistance, as well as assessment and optimization of existing security implementations.
How do I get a workshop?
Most of the workshops are available as engagements via a premium support and services offering.
Contact your Microsoft Customer Success Account Manager (CSAM) to learn more about scheduling these workshops.
Architecture and strategy workshops
Expert-led architecture and strategy Workshop engagements range from a couple of hours to days. For example:
- A Topic Summary engagement is a discussion workshop that takes less than four hours, and focuses on key learnings and best practices.
- A full Security Architecture Design Session (Security ADS) is a two-day detailed workshop focusing on a Microsoft case study, maturity model discussion, and reference modernization plans.
The best workshop for you depends upon where you are in your security adoption journey. The following table shows the currently available workshops.
| Journey stage | Workshop/Duration | Details | Adoption team |
|---|---|---|---|
| Getting started | Security Overview and Planning conversation Four hours |
Chat with an expert to get your organization started with security modernization. | Relevant for all adoption disciplines. |
| Assess security | Enterprise Security Assessment workshop One day |
Assess and identify potential weaknesses across your organization. Get recommendations to rapidly improve security posture. | Relevant for all adoption disciplines. |
| Adopt Microsoft security | Security Capability Adoption Planning workshop One to two days |
Maximize value from current product licenses and agreements, including Microsoft 365 E5 and Microsoft Unified. Understand how Microsoft product capabilities solve business problems. Prioritize and plan. |
Relevant for all adoption disciplines. |
| Security strategy and program | CISO Workshop topic summary Four hours topic summary Full CISO Workshop Custom scope. |
Enable senior security and technology leaders to accelerate security strategy and program modernization with best practices and lessons learned from Microsoft. Mature security strategy, address challenges, and get support from business and technology stakeholders. Integrate security into the business, and connect siloed technical teams. Includes recommended strategic initiatives, roles and responsibilities guidance, reference success metrics, maturity models, Zero Trust principles, and more. |
Relevant for the Strategy, Integration, and Governance discipline, and for the Posture Management discipline. |
| Build end-to-end technical architectures | Microsoft Cybersecurity Reference Architectures (MCRA) topic summary Four hours Security Architecture Design Session (ADS) Module 1 workshop Two days |
The topic summary session provides guidance on end-to-end technical architectures, including a summary of Microsoft security capabilities, integration. Learn more about MCRA. The full workshop helps you to build mature security architectures, and to manage common challenges with incomplete, network-centric, unagile architectures. Create architectures that integrate siloed teams and technologies. Plan and prioritize security modernization initiatives. Integrate Microsoft security solutions with existing technologies. |
Relevant for the Security Architecture discipline. |
| Improve access management | Secure Identities and topic summary Four hours |
The summary session provides guidance for secure access planning and architecture to secure a 'hybrid of everything' modern enterprise. Mitigate attacks on privileged accounts, and integrate identity and network access strategies. The workshop helps address common access management challenges such as integrating disjointed identity/network access strategies, driving access management with Zero Trust and Security Service Edge (SSE), focusing on privileged access to control attack escalation, shifting from flat, open networks to segmented context-aware access, and securing remote work. |
Relevant for the Identity and Access discipline. |
| Establish and improve security operations (SecOps) | Modern Security Operations (SecOps/SOC) topic summary Four hours Security ADS Module 3 - Modern Security Operations (SecOps/SOC) workshop : Two to three days. |
The topic summary provides guidance for modernizing SecOps strategy, processes, architecture, and technology to address the simultaneous challenges of rapidly evolving threat actors, the 'hybrid of everything' technical estate, alignment of SecOps to business goals, and mitigating analyst fatigue/burnout. The full workshop provides additional information about attacks and incident response, recommended processes and metrics, and implementing an XDR, SIEM, and security data lake strategy. It also includes a Microsoft case study, advanced functions (such as threat hunting, detection engineering, incident management, and threat intelligence), outsourcing considerations, and a planning exercise to map out your SecOps journey. |
Relevant for the SecOps discipline. |
| Improve infrastructure and DevOps security | Infrastructure & Development Security topic summary Four hours |
The topic summary session provides guidance for planning and architecting infrastructure and development security for multicloud environments. It includes addressing the challenges of a rapidly evolving infrastructure, the security of workloads and applications as you develop them, and building a team-oriented DevSecOps approach for keeping up with threats, technologies, and business requirements. | Relevant for the Infrastructure discipline and the Development Security discipline. |
| Improve AI and data security | Data Security & Governance topic summary Four hours |
The topic summary session provides guidance for planning and architecting a lifecycle approach for protecting and governing data. Build a strategy to secure data through the lifecycle (wherever it goes), support AI security with data classification and protection, and meet evolving regulatory compliance regulations. |
Relevant for the Data Security discipline. |
Technology adoption workshops
These workshops help you to plan, implement, and optimize using Microsoft security products. These workshops show you how to plan, implement, and operate these technologies to align with Microsoft security best practices.
Where should we start?
The most effective starting points for these engagements are one of three options:
- Security Overview and Planning workshop - This short general introduction provides a broad understanding of all the ways Microsoft can help on your security journey. It focuses on selecting the next step in your journey.
- Enterprise Security Assessment workshop - This short assessment provides insights into your security posture and opportunities for improvement across your enterprise.
- Security Adoption workshop - Security Capability Adoption Planning (SCAP) - This workshop helps you to understand all the technologies you already have access to (often more than you might expect) so you can get started right away on getting value from these existing investments.
Each of these engagements helps educate your team and kick off the larger security modernization journey with a greater sense of clarity and some actionable quick wins.
Public workshop resources
The table summarizes publically available SAF workshop resources.
| Workshop | Details |
|---|---|
| The Chief Information Security Officer (CISO) Workshop | This workshop helps you to accelerate security strategy and modernize security posture. It aligns to the security strategy, integration, and governance*, and security posture management disciplines that we use during security adoption. |
| Zero Trust Workshop | This workshop helps accelerate Zero Trust security adoption for technology pillars* across the organization. |
| SecOps Workshop | This workshop helps accelerate and modernization SecOps across the business. It aligns to the security operations (SecOps/SOC)* discipline that we use during security adoption. |
| Microsoft Cybersecurity Reference Architectures (MCRA) | MRCA provides a set of technical architectures that can help to you plan and adopt recommended security architectures. It aligns to the security architecture discipline. |
Next steps
Reach out to Microsoft Unified, or take a look at our free CISO workshop videos.