Azure Sentinel News
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
  • Home
    • Home – Layout 1
    • Home – Layout 2
    • Home – Layout 3
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence
No Result
View All Result
Azure Sentinel News
No Result
View All Result
Home Security and Compliance

Microsoft Rebrands Enterprise Security Solutions as ‘Microsoft Defender’

Azure Sentinel News Editor by Azure Sentinel News Editor
November 19, 2020
in Security and Compliance, Security Ochestration & Automated Response, Security Operations, Uncategorized
0
Microsoft Rebrands Enterprise Security Solutions as ‘Microsoft Defender’
3.4kViews
1158 Shares Share on Facebook Share on Twitter

Microsoft took the occasion of its Ignite event last week to rebrand its enterprise security solutions for premises and cloud environments, mostly by putting “Microsoft Defender” on their names.

Microsoft Defender, coincidentally, is also the name of the anti-malware software that comes with Windows 10 client systems. It used to be called “Windows Defender,” and “Windows AntiSpyware” even before that, but that’s ancient history.

What was announced last week pertains to Microsoft’s enterprise security products used to secure desktops and apps in organizations. Those products offer capabilities beyond providing simple anti-malware protection. They get used for things like tracking attack campaigns and post-breach analyses.  

Security Product Name Changes
Here are those new enterprise security product name changes, per an announcement by Rob Lefferts, corporate vice president for Microsoft 365 security:

  • Microsoft 365 Defender (previously Microsoft Threat Protection).
  • Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection).
  • Microsoft Defender for Office 365 (previously Office 365 Advanced Threat Protection).
  • Microsoft Defender for Identity (previously Azure Advanced Threat Protection).

It’s maybe helpful to note that Microsoft 365 Defender (formerly “Microsoft Threat Protection”) has been Microsoft’s most inclusive top-of-the-line enterprise security product for securing on-premises infrastructures. Licensees get access to the following components, per this Microsoft document description:

  • Microsoft Defender for Endpoint (formerly “Microsoft Defender Advanced Threat Protection”), which is used to protect endpoints and enable post-breach inspections.
  • Microsoft Defender for Office 365 (formerly “Office 365 Advanced Threat Protection”), which is used to protect e-mail and collaboration applications from malicious attachments and links.
  • Microsoft Defender for Identity (formerly “Azure Advanced Threat Protection”), which is used to identify threats due to compromised identities or malicious insiders.
  • Microsoft Cloud App Security, used to add protections to software-as-a-service applications.

Microsoft 365 Defender vs. Azure Defender
If that weren’t enough, Microsoft also has a Microsoft Defender product branch called “Azure Defender.” Azure Defender is used by organizations tapping Microsoft’s cloud services, or using a combination of on-premises servers with Microsoft’s services (known as “hybrid”).

Here’s how Microsoft’s announcement characterized the product distinctions between Microsoft 365 Defender and Azure Defender:

Microsoft Defender is delivered in two tailored experiences, Microsoft 365 Defender for end-user environments and Azure Defender for cloud and hybrid infrastructure.

Organizations can use Microsoft 365 Defender to protect things like e-mail, client endpoints, identity and apps. Organizations can use Azure Defender to add protections for server endpoints, containers, networks, managed apps and SQL Server.

The following Microsoft illustration showed those distinctions:

Protections afforded by Microsoft 365 Defender vs. Azure Defender. (Source: Microsoft Mechanics video)

Microsoft Defender as ‘Holistic XDR’
Microsoft Defender for enterprise security was described as “holistic XDR” by Lefferts in a Microsoft Mechanics video available at this Microsoft security page.

Lefferts defined XDR, or extended detection and response, as “a new approach defined by industry analysts” for delivering “intelligent, automated, and integrated security across domains to help defenders connect seemingly disparate alerts and get ahead of attackers.” He said that Microsoft is “unifying all XDR technologies under the Microsoft Defender brand.”

XDR goes beyond typical endpoint detection and response solutions, according to this definition by Cisco. 

In the announcement, Lefferts promoted combining Microsoft’s on-premises and cloud enterprise security solutions. He stated that “together, Microsoft 365 Defender and Azure Defender give you an end-to-end XDR solution for threat detection and response, across your Microsoft estate, the cloud, on prem and in other clouds.”

He further claimed that organizations can get security protections for other cloud services besides Microsoft Azure by using Azure Sentinel, Microsoft’s cloud-based security information and event management (SIEM) solution.

Azure Security Center Multicloud Support
More detail on these enterprise security product shifts were described in an announcement by Vasu Jakkal, corporate vice president of security, compliance and identity at Microsoft. Microsoft is offering “a unique approach” by offering “both cloud-native SIEM and XDR tools from a single vendor,” she explained.

Microsoft is also adding multicloud security management support to Azure Security Center. “Now you can see all your Azure, AWS, and GCP security posture in a unified experience within Azure Security Center,” Jakkal added, pointing to this announcement.

A public preview of “integration between Microsoft Cloud App Security and Microsoft Information Protection,” is now available. It “extends Microsoft’s data loss prevention (DLP) policy enforcement framework to third-party cloud apps — such as Dropbox, Box, Google Drive, Webex, and more — for a consistent and seamless compliance experience,” Jakkal explained.

In addition, Microsoft announced the general availability of its Compliance Manager solution. It can help with compliance issues, such as when there are “complex regulatory requirements” to meet. It produces a compliance score toward that end, Jakkal explained.

Microsoft’s announcements during Ignite also included lots of details on specific new capabilities that were added to these enterprise security products.

Reference: https://redmondmag.com/articles/2020/09/28/microsoft-rebrands-enterprise-security-solutions.aspx

Azure Sentinel News Editor

Azure Sentinel News Editor

Related Posts

Vectra AI and Microsoft partner on security integration
Security and Compliance

Replay Now Available – Microsoft Security Insights 036: Azure Sentinel with Rod Trent

February 8, 2021
What’s new: Microsoft Teams connector in Public Preview
Security Operations

AMA for Azure Sentinel on the Microsoft Security Insights Podcast and Twitch Stream

January 25, 2021
What’s new: Microsoft Teams connector in Public Preview
Security Operations

How to Setup a Managed Identity for the Azure Sentinel Logic App Connector

January 21, 2021
Next Post
Mimecast Email Security for Azure Sentinel is now available in the Microsoft Azure Marketplace

Mimecast Email Security for Azure Sentinel is now available in the Microsoft Azure Marketplace

Quzara Cybertorch™ Adds Enhanced Security Operations Capabilities Through Azure Sentinel for the Microsoft Cloud

Quzara Cybertorch™ Adds Enhanced Security Operations Capabilities Through Azure Sentinel for the Microsoft Cloud

Microsoft partners with the telecommunications industry to roll out 5G and more

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Follow Us

  • 21.8M Fans
  • 81 Followers

Recommended

Vectra AI and Microsoft partner on security integration

New data from Microsoft shows how the pandemic is accelerating the digital transformation of cyber-security

3 months ago
Open Systems Augments its Cybersecurity Capabilities With Acquisition of Leading Microsoft Azure Sentinel Expert

New Azure Sentinel notebook experience and the retirement of the Azure Notebooks service preview

2 months ago
Alcide Joins Microsoft Intelligent Security Association (MISA) and integrates their Kubernetes security, Alcide kAudit, with Microsoft Azure Sentinel

Alcide Joins Microsoft Intelligent Security Association (MISA) and integrates their Kubernetes security, Alcide kAudit, with Microsoft Azure Sentinel

4 months ago
Microsoft and Docker collaborate on new ways to deploy containers on Azure

SolarWinds Post-Compromise Hunting with Azure Sentinel

2 months ago

Instagram

    Please install/update and activate JNews Instagram plugin.

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

Topics

anomaly automation Azure Azure DevOps Azure Security Center Azure Sentinel Azure Sentinel API Azure Sentinel Connector BlueVoyant Call cybersecurity Detection file GitHub Hunting Huntingy IAC incident response Incident Triage infrastructure as code Investigation jupyter LAQueryLogs MDR Microsoft microsoft 365 mssp Multitenancy Notebooks Pester Playbooks PowerShell python Records Security Sentinel Sharing SIEM signin Supply Chain teams Threat hunting Watchlists Workbooks XDR
No Result
View All Result

Highlights

New Items of Note on the Azure Sentinel GitHub Repo

Tuning the MCAS Analytics Rule for Azure Sentinel: System Alerts and Feature Deprecation

New Search Capability for Azure Sentinel Incidents

Follow-up: Microsoft Tech Talks Practical Sentinel : A Day in the Life of a Sentinel Analyst

Changes in How Running Hunting Queries Works in Azure Sentinel

Azure Sentinel can now Analyze All Available Azure Active Directory Log Files

Trending

What’s new: Microsoft Teams connector in Public Preview
IR

How to Generate Azure Sentinel Incidents for Testing

by Azure Sentinel News Editor
February 26, 2021
0

Do you want to generate an Incident in Azure Sentinel for testing/demoing? Here’s a couple easy ways...

What’s new: Microsoft Teams connector in Public Preview

Azure Sentinel Notebooks Loses It’s Preview Tag

February 25, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

The Holy Grail of Azure Sentinel Data Connections: The Azure Service Diagnostic Setting

February 22, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

New Items of Note on the Azure Sentinel GitHub Repo

February 18, 2021
Microsoft’s newest sustainable datacenter region coming to Arizona in 2021

Tuning the MCAS Analytics Rule for Azure Sentinel: System Alerts and Feature Deprecation

February 17, 2021

We bring you the best, latest and perfect Azure Sentinel News, Magazine, Personal Blogs, etc. Visit our landing page to see all features & demos.
LEARN MORE »

Recent News

  • How to Generate Azure Sentinel Incidents for Testing February 26, 2021
  • Azure Sentinel Notebooks Loses It’s Preview Tag February 25, 2021
  • The Holy Grail of Azure Sentinel Data Connections: The Azure Service Diagnostic Setting February 22, 2021

Categories

  • AI & ML
  • Artificial Intelligence
  • Incident Response
  • IR
  • KQL
  • Security and Compliance
  • Security Ochestration & Automated Response
  • Security Operations
  • SIEM
  • SOAR
  • SOC
  • Threat Intelligence
  • Uncategorized

[mc4wp_form]

Copyright © 2020 - Azure Sentinel News

No Result
View All Result
  • Home
  • Security and Compliance
  • SOC
  • Threat Intelligence
  • Security Ochestration & Automated Response
  • SOAR
  • Security Operations
  • Artificial Intelligence

Copyright © 2020 Azure Sentinel News