Advanced Threat Protection with Microsoft 365 Defender
In the new global context, threats and cyber attacks have intensified, increasing the exposure of companies to suffer a security incident. Attackers target the organization's most vulnerable resources to escalate laterally to higher-value assets. For this reason, companies can no longer consider a protection approach for individual areas such as email or computers, they must consider a comprehensive and unique protection approach that covers all areas from identity to computers, applications, mail electronic and hybrid or cloud infrastructure.
To meet this need, Microsoft has consolidated its threat protection products under the Microsoft Defender brand, a set of security solutions that prevent, detect, and respond to advanced threats. Microsoft Defender is divided into two families:
- Microsoft 365 Defender for end-user environments is an integrated set of solutions that prevent, detect and respond to threats and sophisticated attacks on identities, teams, cloud applications, email and documents.
- Azure Defender for hybrid and cloud infrastructures is an evolution of the threat protection capabilities of Azure Security Center that protects hybrid and cloud infrastructures offering capabilities to protect hybrid and multi-cloud workloads, including virtual machines, bases of data, containers and IoT.
In this article we are going to explain Microsoft 365 Defender in detail and in the next few days, we will publish a new post in which we will delve into Azure Defender.
Microsoft 365 Defender
As threats become more complicated and persistent, alerts increase and security teams are overwhelmed. Microsoft 365 Defender (formerly known as Microsoft Threat Protection) leverages the Microsoft 365 security portfolio to automatically analyze threat data across all domains and create a complete picture of every attack in a single dashboard.
Microsoft 365 Defender offers a powerful set of solutions that detect and stop attacks anywhere in the chain, keeping the organization in a safe state.
Identities: Through Microsoft Defender for Identity (formerly Azure Advanced Threat Protection) and Azure Active Directory that manage and protect hybrid identities, and simplify employee access. Microsoft Defender for Identity uses Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and harmful indirect actions directed at the organization. More details
Devices: Through Microsoft Defender for Endpoint (formerly Microsoft Defender Advanced Threat Protection), a platform that combines Windows 10 technology and Azure cloud service to offer businesses proactive protection , post-breach detection , investigation automated and advanced threat response on your networks. More details
Email and Documents: Through Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection), protect your organization from malicious threats posed by email messages, links (URLs), and collaboration tools. More details
Applications: Through Microsoft Cloud App Security , a complete SaaS solution that provides IT departments with visibility and control over the applications in the cloud used by the users of your organization (those allowed and those not allowed). More details
With this integrated solution, security teams can aggregate threat signals that each product receives and determine the full scope and impact of a threat; how it entered the environment, what was affected (including infected identities, devices, and mailboxes), and how it affects the business overall. It also performs automatic actions to prevent and stop attacks and self-correct the mailboxes, computers, and identities of affected users.
How is it licensed?
Any of these licenses gives you access to Microsoft 365 Defender features in the Microsoft 365 Security Center at no additional cost:
- Microsoft 365 E5
- Microsoft 365 E5 security
- Windows 10 Enterprise E5
- Enterprise Mobility + Security (EMS) E5
- Office 365 E5
- Microsoft Defender for Endpoint (formerly Microsoft Defender Advanced Threat Protection)
- Microsoft Defender for Identity (formerly Azure Advanced Threat Protection)
- Microsoft Cloud App Security
- Microsoft Defender for Office 365 Plan 2 (formerly Office 365 Advanced Threat Protection)
Learn more about Microsoft 365 Defender:
The current landscape requires companies to be protected against security threats and to be able to detect and respond quickly to them. For that reason, Microsoft 365 Defender is the best solution, its powerful automation detects and stops attacks and will return your organization to a safe state.
At Softeng, we are committed to providing solutions to our clients and offering them our experience in this area, so we encourage you to follow our blog where we will continue to inform you about the security tools and solutions that we can offer you.
Do you want to know more about Microsoft 365 Defender? Contact us!
Yes i want to know more