“A big advantage of Microsoft 365 Defender is its breadth of integrated security functions combined with the fact that you do not need to enable everything in the suite at once.”
Microsoft 365 Defender (formerly Microsoft Threat Protection) is a suite made up of four security tools:
• Microsoft Defender for Endpoint (endpoint and cloud behavioral analytics, device risk scoring, threat intelligence, and automated investigation and remediation)
• Microsoft Defender for Office 365 (security for email and collaboration tools) • Microsoft Defender for Identity
• Microsoft Cloud App Security
Many of the Microsoft 365 Defender security tools work across platforms to cover non-Windows environments, although Microsoft product integrations make the tools easier to implement in a purely Microsoft environment. These security applications are well suited to on-premises infrastructures and hybrid infrastructures with cloud-based resources and applications.
A big advantage of Microsoft 365 Defender is its breadth of integrated security functions combined with the fact that you do not need to enable everything in the suite at once. This flexibility gives you the opportunity to consider your current security needs while thinking about where you want to be in the next three to five years. Activating more security functions in the Microsoft 365 Defender suite involves turning on the licenses for those features—no additional deployment necessary. This design is a big advantage over piecemeal security solutions that require rolling out agents on all your systems for each new tool. With Microsoft 365 Defender, you add security capabilities by turning on features that then tap into the data flow already being monitored and analyzed.
This is an excerpt from 7 Experts on Implementing Microsoft 365 Defender. This eBook was generously sponsored by BlueVoyant.