Let’s check the reach of Microsoft’s IT Security portfolio
At the Ignite 2020 conference, Microsoft presented several of its security products that have changed their names. The first thing you notice is the addition of “Microsoft Defender” to the product names. This is obviously not the only change, but are the others enough to justify the name changes? For details, see the article below.
It should not be forgotten that Microsoft has a separate branch of Defender products for its Azure cloud environment. Azure Defender is used by organizations that use Microsoft’s cloud services or a combination of hybrid services.
Microsoft’s representatives describe the main difference as follows:
“Microsoft Defender is delivered in two customized environments: Microsoft 365 Defender for end user environments and Azure Defender for cloud and hybrid infrastructure.”
Organizations can use Microsoft 365 Defender to protect things like email, customer endpoints, identities, and applications. Organizations can use Azure Defender to add security for server endpoints, containers, networks, managed applications, and SQL Server.
This division is illustrated in the graphic below.
[Figure: Microsoft 365 Defender vs Azure Defender]
It is certainly worth taking a closer look at Microsoft Defender, which is the part meant for protecting things like email, customer endpoints, identity, and apps.
The changes are as follows:
- Microsoft 365 Defender (formerly Microsoft Threat Protection).
- Microsoft Defender for Endpoint (formerly Microsoft Defender Advanced Threat Protection).
- Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection).
- Microsoft Defender for Identity (formerly Azure Advanced Threat Protection).
It should be noted that Microsoft 365 Defender is the most comprehensive product from Microsoft, successfully competing with the leading manufacturers of solutions for securing local infrastructure.
Licensees gain access to the following components:
- Microsoft Defender for Endpoint – Microsoft’s EDR, which can detect and remediate attacks on endpoints.
- Microsoft Defender for Office 365 – Protects email and collaboration applications from malicious attachments and links. Invaluable in light of the gargantuan increase in interest in Microsoft collaboration services, e.g. MS Teams.
- Microsoft Defender for Identity – Used to identify threats related to threatened identities or insider threats.
- Microsoft Cloud App Security – Allows security policies to be imposed on the SaaS environment. It is worth mentioning here that the integration between Microsoft Cloud App Security and Microsoft Information Protection is planned to extend the Microsoft Data Loss Protection (DLP) enforcement framework to third-party cloud applications (Dropbox, Box, Google, Webex and others) to ensure consistent and seamless management of cloud protection.
Microsoft Defender is described as XDR, i.e. extended Endpoint Detection & Response – Microsoft aims to unify its endpoint protection solutions into one flagship product under the Microsoft Defender flag.
The second leg of the security portfolio consists of the Microsoft Azure Defender cloud security products, which provide functionality such as:
- Azure Security Center Threat Reporting Center.
- DDoS protection for services running in Azure.
- Security for local SQL, Azure Kubernetes, Azure Key Vault, and IoT.
- Azure Defender for IoT protects industrial IoT, Operational Technology (OT), and Building Management Systems (BMS) by integrating CyberX agentless features to secure unmanaged devices.
In addition to offering IT security solutions in the cloud and local environment, Microsoft is also developing its portfolio of technologies ensuring compliance with regulations, as befits a software pioneer.
This group of solutions helps MS users manage data, mitigate insider threats, and resolve legal problems and doubts related to compliance with standards and regulations.
A set of Data Loss Prevention functionalities on the Microsoft 365 platform:
- Microsoft Endpoint Data Loss Prevention (DLP), which means customers can now identify and protect data on end-devices.
- Integration between Microsoft Cloud App Security and Microsoft Information Protection that extends Microsoft’s Data Loss Protection (DLP) enforcement framework to third-party cloud applications such as Dropbox, Box, Google Drive, Webex, and more.
- Microsoft Compliance Manager, which helps companies simplify compliance and reduce risk by translating complex regulatory requirements into specific controls, and provides a compliance score as a quantifiable measure of compliance.
2020 is a moment in time that none of us could have imagined, a moment that strengthened the need to flexibly respond to unexpected changes, and a moment when digital security is critical to productivity and peace of mind. Microsoft is developing its products in the areas of security, identity and compliance to provide this peace of mind to its customers through an additional layer of protection.