Microsoft 365 Defender is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Here’s a list of the different Microsoft 365 Defender products and solutions that Microsoft 365 Defender coordinates with:
Microsoft Defender for Endpoint
Microsoft Defender for Office 365
Microsoft Defender for Identity
Microsoft Defender for Cloud Apps
Microsoft Defender Vulnerability Management
Azure Active Directory Identity Protection
Microsoft Data Loss Prevention
App Governance
Microsoft 365 Defender services protect:
Endpoints with Defender for Endpoint – Defender for Endpoint is a unified endpoint platform for preventative protection, post-breach detection, automated investigation, and response.
Compare flexible purchase options
Explore the comprehensive security capabilities in Microsoft Defender for Endpoint P1, included with Microsoft 365 E3, and Microsoft Defender for Endpoint P2, included with Microsoft 365 E5.
Included with Microsoft 365 E3
Microsoft Defender for Endpoint P1 offers a foundational set of capabilities, including industry-leading antimalware, attack surface reduction, and device-based conditional access.
Unified security tools and centralized management
Next-generation antimalware
Attack surface reduction rules
Device control (such as USB)
Endpoint firewall
Network protection
Web control / category-based URL blocking
Device-based conditional access
Controlled folder access
APIs, SIEM connector, custom threat intelligence
Application control
Included with Microsoft 365 E5
Microsoft Defender for Endpoint P2 offers the complete set of capabilities, including everything in P1, plus endpoint detection and response, automated investigation and incident response, and threat and vulnerability management.
Includes everything in Endpoint P1, plus:
Endpoint detection and response
Automated investigation and remediation
Threat and vulnerability management
Threat intelligence (threat analytics)
Sandbox (deep analysis)
Microsoft Threat Experts
Assets with Defender Vulnerability Management – Microsoft Defender Vulnerability Management delivers continuous asset visibility, intelligent risk-based assessments, and built-in remediation tools to help your security and IT teams prioritize and address critical vulnerabilities and misconfigurations across your organization.
Email and collaboration with Defender for Office 365 – Defender for Office 365 safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools.
Identities with Defender for Identity and Azure Active Directory (Azure AD) Identity Protection –
Microsoft Defender for Identity is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. Azure AD Identity Protection uses the learnings Microsoft has acquired from their position in organizations with Azure AD, the consumer space with Microsoft Accounts, and in gaming with Xbox to protect your users.
Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
Defender for Identity enables SecOp analysts and security professionals struggling to detect advanced attacks in hybrid environments to: Monitor users, entity behavior, and activities with learning-based analytics Protect user identities and credentials stored in Active Directory Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
Provide clear incident information on a simple timeline for fast triage
Applications with Microsoft Defender for Cloud Apps – Microsoft Defender for Cloud Apps is a comprehensive cross-SaaS solution bringing deep visibility, strong data controls, and enhanced threat protection to your cloud apps.
Microsoft Defender for Cloud Apps (previously known as Microsoft Cloud App Security) is now part of Microsoft 365
The Microsoft 365 Defender portal allows security admins to perform their security tasks in one location. This will simplify workflows, and add the functionality of the other Microsoft 365 Defender services. Microsoft 365 Defender will be the home for monitoring and managing security across your Microsoft identities, data, devices, apps, and infrastructure.
Microsoft Defender for Cloud Apps is a Cloud Access Security Broker (CASB) that supports various deployment modes including log collection, API connectors, and reverse proxy. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your Microsoft and third-party cloud services.
Microsoft Defender for Cloud Apps natively integrates with leading Microsoft solutions and is designed with security professionals in mind. It provides simple deployment, centralized management, and innovative automation capabilities.
Get started Microsoft 365 Defender licensing requirements must be met before you can enable the service in the Microsoft 365 Defender portal at https://techsolworld.com
Technology Solutions Worldwide is a global organization that is focused on the constant improvement both in quality and satisfaction. Equally as important is to know that we have offices all over North America, Central America, South America, and the Caribbean.
Inquiries Website: For any inquiries, please call: (800) 998-2792 Email – info@techsolworld.com
Kommentare