Explore Microsoft 365 Defender – part 1
Hi All,
Greetings for the day!!!
On Oct 29 I am presenting the session on “Secure your corporate endpoints using Defender for cloud apps” – in INDIA CLOUD SECURITY SUMMIT so thought to share the details and since its quite big topic – having an multiple series of articles.
In first article we will discuss about Microsoft 365 Defender – brief Introduction, what is it?
Takeaway from this article
At the end of this article we will understand
- What is Microsoft 365 Defender
- Microsoft 365 Defender services
- Licenses requirement for accessing Microsoft 365 Defender
- Roles / Permissions for Microsoft 365 Defender
What is Microsoft 365 Defender
- Microsoft 365 Defender is defense suite of services which provides detection, prevention, investigation and responses across following services against attacks / threats
- Endpoints
- Identities
- Emails
- Applications
- Microsoft 365 Defender
- Detect security risks
- Investigate attacks
- Prevent harmful attacks
- Enable our security teams to perform detailed and effective threat hunting across endpoint and Office data
- With the integration of Microsoft 365 defender our organization security team get the signals about the – threats each of these product receives and thus help to determine the threat, how the environment affected, what is the impact of threat to our organization
- Microsoft 365 Defender takes automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities.
Microsoft 365 Defender services
- Endpoints with Defender for Endpoint
- Unified endpoint platform for
- Preventive protection
- post-breach detection
- automated investigation and response
- Unified endpoint platform for
- Email and collaboration with Defender for Office 365
- Defender for Office 365 protects our organization against
- Malicious threats posed by emails, links (URLs)
- Defender for Office 365 protects our organization against
- Identities with Defender for Identity and Azure Active Directory (Azure AD) Identity Protection
- Defender for Identity uses ADDS (on-premises Active Directory Domain Service) alerts to – identify, detect and investigate advance threats, compromised identities
- Automates the detection and remediation of identity – based risks in our cloud Azure AD
- Applications with Microsoft Defender for Cloud Apps
- SAAS solution to protect our cloud apps
- Assets with Defender Vulnerability Management
- Delivers
- Continuous asset visibility
- risk-based assessment
- built-in remediation tools to for our security and IT teams – to prioritize and address critical vulnerabilities and misconfigurations across our organization
- Delivers
Licenses requirement for accessing Microsoft 365 Defender
- Microsoft 365 E5 or A5
- Microsoft 365 E3 with the Microsoft 365 E5 Security add-on
- Microsoft 365 E3 with the Enterprise Mobility + Security E5 add-on
- Microsoft 365 A3 with the Microsoft 365 A5 Security add-on
- Windows 10 Enterprise E5 or A5
- Windows 11 Enterprise E5 or A5
- Enterprise Mobility + Security (EMS) E5 or A5
- Office 365 E5 or A5
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Microsoft Defender for Cloud Apps
- Defender for Office 365 (Plan 2)
Roles / Permissions for Microsoft 365 Defender
- Roles require to use Microsoft 365 defender
- Global Azure AD roles
- Custom role access
- Roles require to enable / turn on Microsoft 365 Defender in Azure AD OR Global Azure AD roles – to access Microsoft 365 defender functionality and data
- Global administrator
- Global Administrator
- Security Administrator
- Security Operator
- Global Reader
- Security Reader
- Compliance Administrator
- Compliance Data Administrator
- Application Administrator
- Cloud Application Administrator
Microsoft 365 Defender portal
- We could navigate to Microsoft 365 defender portal by
- Direct URL – https://security.microsoft.com/
- From Microsoft 365 Admin center – we have detailed article – Small Tips and Tricks – Microsoft 365 Defender – How to navigate to Microsoft 365 Defender portal
After navigating to Microsoft 365 Defender portal from Microsoft 365 Admin center we will be on Microsoft 365 Defender portal home page as
Turning on Microsoft 365 Defender – Microsoft 365 Defender automatically turns on when eligible users with the required permissions visit Microsoft 365 Defender portal.
References
- Microsoft 365 Defender interactive guide – https://mslearn.cloudguides.com/guides/Protect%20your%20organization%20with%20Microsoft%20365%20Defender
Thanks for reading !! If its worth at least reading once, kindly please like and share !!! SHARING IS CARING 🙂
Enjoy the beautiful life !! Have a FUN !! HAVE A SAFE LIFE !! TAKE CARE 🙂
3 Responses
[…] In last article we started discussion about Microsoft 365 Defender – Explore Microsoft 365 Defender – part 1 […]
[…] Explore Microsoft 365 Defender – part 1 – https://knowledge-junction.in/2022/10/06/explore-microsoft-365-defender-part-1/ […]
[…] We have detailed article on Microsoft defender – Explore Microsoft 365 Defender – part 1 – https://knowledge-junction.in/2022/10/06/explore-microsoft-365-defender-part-1/ […]
You must log in to post a comment.