IT Partner/ Blog/ Explore intelligent cybersecurity with Microsoft 365 Defender

    Explore intelligent cybersecurity with Microsoft 365 Defender

    #microsoft 365, #modern security, #security, #cloud security

    Modern businesses face greater cybersecurity risks and complexity of security challenges than ever before. As attacks have become more sophisticated and regular, alerts increase, and security teams are getting overwhelmed. Microsoft 365 Defender helps organizations concentrate more on proactive security to stop cyber threats before they happen.

    Microsoft 365 Defender (previously Microsoft Threat Protection), is a unified cyber defense suite specifically designed to provide integrated protection against sophisticated attacks. It collects data from email, apps, and multiple platforms to detect cross-platform incidents, enable advanced hunting and empower security teams with tools to collaborate more effectively. Microsoft 365 Defender, as a part of Microsoft’s XDR solution, allows security professionals to focus on the most critical cyberattacks. Microsoft 365 Defender takes automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities. It uses AI tools to automatically examine threats across domains and build a complete picture of each attack in a single dashboard.

    Microsoft 365 Defender cross-product features include:

    • Cross-product single pane of glass in the Microsoft 365 Defender portal.
    • Combined incidents queue.
    • Automatic response to threats.
    • Self-healing for compromised devices, user identities, and mailboxes. 
    • Cross-product threat hunting.

    Explore intelligent cybersecurity with Microsoft 365 Defender

    Microsoft 365 Defender portal

    The Microsoft 365 Defender portal is a single pane that brings together functionality from existing Microsoft security portals, like the Microsoft 365 Defender portal and the Office 365 Security & Compliance center, and emphasizes quick access to information, and simpler layouts for easier use.

    Microsoft 365 Defender emphasizes unity, clarity, and common goals as it merges Microsoft Defender for Office 365 and Microsoft Defender for Endpoint and moves each security model into the unified portal. The roles already in the products will be converged into the Microsoft 365 Defender portal automatically. However, Microsoft Defender for Cloud Apps will still handle its own roles and permissions.

    The Microsoft 365 Defender unified portal introduces new and exciting capabilities such as:

    Incidents – a unified investigation page that correlates multiple alerts into a single incident, including details on triggering alerts, impacted assets, and deep-dive details across your endpoints, identities, cloud apps, and Office 365 environment.
    Threat Analytics – detailed in-product threat intelligence reports providing in-depth analysis and context around the real-world threats tracked by Microsoft experts.
    Email investigation page – a comprehensive view that surfaces a variety of insights and contextual data for each email, helping security teams investigate emails from a single view.
    Learning Hub - a collection of educational resources to help you get started, including things like blogs, how-to videos, interactive guides, and official product documentation.

    Explore intelligent cybersecurity with Microsoft 365 Defender

    Microsoft 365 Defender Services

    Microsoft 365 Defender comprises the Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Identity, and Microsoft Cloud App Security Solutions. Microsoft Security Center Microsoft 365 Defender portal brings together functionality from existing Microsoft security portals, like the Microsoft 365 Defender portal and the Office 365 Security & Compliance Center. It combines protection, detection, investigation, and response to an email, collaboration, identity, device, and app threats.

    Microsoft Defender for Endpoint

    Microsoft Defender for Endpoint (Previously Microsoft Defender Advanced Threat Protection) is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. It is a comprehensive security solution for Windows, macOS, Linux, Android, iOS, and even network devices, such as routers. Defender for Endpoint offers vulnerability management, endpoint protection, endpoint detection and response (EDR), mobile threat defense, and managed hunting all in a single, unified platform, using the following combination of technology built into Windows 10 and Microsoft's robust cloud service:

    • Endpoint behavioral sensors.
    • Cloud security analytics.
    • Threat intelligence.

    Microsoft Defender for Endpoint offers post-breach detection, automated investigation, and response for devices in your organization. Microsoft Defender for Endpoint in Microsoft 365 Defender supports granting access to managed security service providers (MSSPs) in the same way access is granted in the Microsoft 365 Defender portal. It is available in two plans, Defender for Endpoint Plan 1 and Plan 2.

    Microsoft Defender for Endpoint Plan 1 (P1) is available as a standalone user subscription license for commercial and education customers. It is also included as part of Microsoft 365 E3/A3.

    Microsoft Defender for Endpoint Plan 2 (P2) is available as a standalone license and as part of the following plans:

    • Windows 11 Enterprise E5/A5.
    • Windows 10 Enterprise E5/A5.
    • Microsoft 365 E5/A5/G5 (which includes Windows 10 or Windows 11 Enterprise E5).
    • Microsoft 365 E5/A5/G5/F5 Security.
    • Microsoft 365 F5 Security & Compliance.

    Explore intelligent cybersecurity with Microsoft 365 Defender

    Microsoft Defender for Office 365

    Microsoft Defender for Office 365 (Previously Office 365 Advanced Threat Protection) is a cloud-based email filtering service that offers a set of prevention, detection, investigation, and hunting features to help you protect your organization against sophisticated cyberthreats to email and collaboration tools, like phishing, business email compromise, and malware attacks. Defender for Office 365 includes:

    • Threat protection policies.
    • Reports.
    • Threat investigation and response capabilities.
    • Automated investigation and response capabilities.

    Microsoft Defender for Office 365 comes in two different Plan types. Plan 1 allows you to have 'Real-time Detections', and Plan 2 - Threat Explorer. The Plan you have influences the tools you will see, so make sure you are choosing the right plan when you make a purchase.

    • Microsoft Defender for Office 365 Plan 2 is included in Office 365 E5, Office 365 A5, and Microsoft 365 E5.
    • Microsoft Defender for Office 365 Plan 1 is included in Microsoft 365 Business Premium.
    • Microsoft Defender for Office 365 Plan 1 and Defender for Office 365 Plan 2 are each available as an add-on for certain subscriptions.

    Explore intelligent cybersecurity with Microsoft 365 Defender

    Microsoft Defender for Cloud Apps

    Microsoft Defender for Cloud Apps (Formerly Microsoft Cloud App Security) provides rich visibility, control over data travel, and sophisticated analytics to detect threats across all your cloud services. It is a comprehensive cross-SaaS and PaaS solution that supports various deployment modes including log collection, API connectors, and reverse proxy. With Microsoft Defender for Cloud you can strengthen the security posture of your cloud resources running in Azure, AWS, and Google Cloud as well as secure your critical workloads across VMs, containers, databases, storage, app services, and more.

    Microsoft Defender for Cloud will help you achieve these goals below:

    • Discover and control the use of Shadow IT.
    • Protect your sensitive information anywhere in the cloud.
    • Protect against cyberthreats and anomalies.
    • Assess the compliance of your cloud apps.

    Microsoft Defender for Cloud Apps is a user-based subscription service. Each license is a per user, per month license. Microsoft Defender for Cloud Apps can be licensed as a standalone product or as part of several different licensing plans. The complete CASB offering includes all Cloud App Security capabilities, Office 365 Cloud App Security and Cloud App Discovery.

    The easiest way to get access to this service is to purchase a Microsoft 365 E5 license. Microsoft Defender for Cloud Apps is also available as part of the EM+S (Enterprise Mobility Security) E5 license, but it is important to know that it is going to be in addition to your standard Office 365 licenses.

    Explore intelligent cybersecurity with Microsoft 365 Defender

    Licensing requirements for Microsoft 365 Defender

    Microsoft 365 Defender is included with some Microsoft 365 and Office 365 Security and Enterprise licenses. Any of these licenses gives you access to Microsoft 365 Defender features via the Microsoft 365 Defender portal without additional cost:

    • Microsoft 365 E5 or A5
    • Microsoft 365 E3 with the Microsoft 365 E5 Security add-on
    • Microsoft 365 E3 with the Enterprise Mobility + Security E5 add-on
    • Microsoft 365 A3 with the Microsoft 365 A5 Security add-on
    • Windows 10 Enterprise E5 or A5
    • Windows 11 Enterprise E5 or A5
    • Enterprise Mobility + Security (EMS) E5 or A5
    • Office 365 E5 or A5
    • Microsoft Defender for Endpoint
    • Microsoft Defender for Identity
    • Microsoft Defender for Cloud Apps
    • Defender for Office 365 (Plan 2)

    Microsoft 365 Defender is a great tool you can use to protect your Microsoft 365 environment. It helps you deliver automated investigation, and response for endpoints, detect threats across cloud services and apps and secure your email, documents, and collaboration tools.

    To get the best protection and optimize your Microsoft 365 Defender, it is important to choose the right subscription and plan and deploy all applicable supported services on your network. Turning on Microsoft 365 Defender can be simple and smooth with IT Partner experts who can help you provision or deprovision the service and related resources on your tenant. Contact us now and our support team will answer all your questions about Microsoft 365 Defender onboarding.

    2022-07-20

    Request a call back

    Do you have questions? Want to discuss your project? Please schedule a call back.
    To top