Read on to learn about the rebranding and new capabilities!
As attacker strategies and tactics become more advanced and malicious, organizations must stay on top of security. No longer does protecting individual areas such as email or endpoints keep your environment secure. Extended detection and response (XDR) is a new approach that is designed to deliver intelligent, automated, and integrated security across domains to help defenders connect seemingly disparate alerts and get ahead of attackers.
Microsoft Defender used to be the name of anti-virus software – but is now the brand name for Microsoft’s security suite. Microsoft Defender is a comprehensive collection of XDR technologies that prevents, detects, and responds to threats across identities, endpoints, applications, email, IoT, infrastructure, and Cloud platforms. Leverage Microsoft Defender to keep your organization safe and save time through automation and AI. Microsoft Defender is delivered in two ways, Microsoft 365 Defender for end-user environments and Azure Defender for Cloud and hybrid infrastructure.
Microsoft 365 Defender delivers XDR capabilities for identities, endpoints, Cloud apps, email, and documents. Using artificial intelligence, Microsoft 365 Defender will consolidate alerts and remediate the alerts so your IT can focus on more important business problems and tasks that better leverage their expertise and time. Prioritization and efficiency allow organizations to focus on and resolve real threats, not false signals, in a timely manner. The following graphic shows the dashboard your IT department would see:
Azure Defender delivers XDR capabilities to protect multi-Cloud and hybrid workloads, including virtual machines, databases, containers, IoT, and more. This is accessed from within the Azure Security Center and allows an IT department to easily see which resources are protected and which need protection. Azure Defender streamlines security with artificial intelligence (AI) and automation, enabling your organization to save time when standing up against threats like remote desktop protocol (RDP) brute-force attacks and SQL injections. Additionally, Microsoft’s acquisition of CyberX complements the existing Azure IoT security capabilities – which are integrated with Azure Defender for IoT. The following graphic is a look into Azure Defender in the Security Center:
The XDR capabilities of Microsoft Defender from both Azure Defender and Microsoft 365 Defender provide deep insights and prioritized alerts – but in order to gain visibility across your entire environment, we recommend connecting Microsoft Defender with Azure Sentinel. This allows data from other solutions such as firewalls or exiting tools to be included and visible. The integration of Azure Sentinel and Microsoft Defender provides end-to-end visibility and prioritized insights across all your enterprise assets. Let your security team understand comprehensively what is going on in your environment and prioritize time and resources more efficiently.
Give us a call today so our experts can help your organization best utilize Azure Defender or start looking at the power of Azure in your environment.
The experts at Interlink are able to guide you through the entire process of utilizing Microsoft Defender and licensing. We work with you to identify specific organizational needs and see what the best solution is for your environment. Microsoft Defender brings powerful capabilities, and the addition of Azure Sentinel gives extensive visibility.
Contact Interlink today to get started!
For more information on Defender, check out this blog from our partner at Peters & Associates.