Microsoft Ecosystem — Security Consultant Scope

Built by Marcus Jacobson — Senior Microsoft Cybersecurity Consultant. This compass maps the Microsoft security stack as I work across it: the products, data flows, overlap zones, and real-world scenarios that define the scope of my practice.

← Back to portfolio

Click any circle, overlap zone, or node to explore

← Home Projects ↗ Roles & Scenarios ↗ Certifications ↗
Microsoft Ecosystem — Security Consultant Scope Interactive map of the Microsoft security ecosystem framed as a security consultant's advisory scope. Purview, Defender XDR, and Entra at the centre, with data sources, compliance, AI agents, and DevSecOps context. Security Copilot AI · XDR · Sentinel DSPM · Purview Data sources — governed by Purview Microsoft Fabric Azure Synapse Azure SQL / Cosmos DB Azure Databricks Power Platform Azure Storage Third-party & multi-cloud signals Snowflake · S3/GCP · Varonis · BigID · Cyera · OneTrust · SASE · Sentinel partner solutions Purview Data Map Catalog · labels · lineage · policies DSPM for AI AI Observability · posture · assessments Inputs Outputs M365 content Endpoint files Email / MDO Cloud alerts Sign-in signals PIM activations Sensitivity labels DLP alerts Incidents Threat hunting Access decisions Risk signals Microsoft Purview Defender XDR Microsoft Entra Insider risk · DLP Zero Trust Label-aware access Identity-driven Compliance pillar eDiscovery Legal hold · search Records Mgmt Retention · labels Comm Compliance Audit + DLM Unified log Compliance Mgr GDPR · HIPAA · NIS2 AI agents + M365 Copilot Copilot Studio Low-code agents Azure AI Foundry Agent 365 Treated as user in IRM M365 Copilot Audit · DLP · IRM · eDisc Entra Agent ID Dependencies Sentinel SIEM · SOAR Partner hub Azure Monitor · Logic Apps Defender for Endpoint EDR · DLP agent Defender for Cloud CSPM · CWPP Intune Device compliance Secure by Design · Secure by Default · Secure Operations Microsoft Secure Future Initiative — the overarching frame for everything above Infrastructure as Code · DevSecOps IaC Foundations Purview as Code Entra as Code Sentinel as Code Pipeline Security Defender for Cloud as Code Purview / governance Defender / SOC Entra / identity Compliance Third-party / infra Security Copilot
Microsoft Security Compass · Last updated: 2026-04-28 ← Home