Explore Microsoft 365 Defender – part 1

by ·

fig : Microsoft 365 Defender portal
fig : Microsoft 365 Defender portal

Hi All,

Greetings for the day!!!

On Oct 29 I am presenting the session on “Secure your corporate endpoints using Defender for cloud apps” – in INDIA CLOUD SECURITY SUMMIT so thought to share the details and since its quite big topic – having an multiple series of articles.

In first article we will discuss about Microsoft 365 Defender – brief Introduction, what is it?

Takeaway from this article

At the end of this article we will understand

  • What is Microsoft 365 Defender
  • Microsoft 365 Defender services
  • Licenses requirement for accessing Microsoft 365 Defender
  • Roles / Permissions for Microsoft 365 Defender

What is Microsoft 365 Defender

  • Microsoft 365 Defender is defense suite of services which provides detection, prevention, investigation and responses across following services against attacks / threats
    • Endpoints
    • Identities
    • Emails
    • Applications
  • Microsoft 365 Defender
    • Detect security risks
    • Investigate attacks
    • Prevent harmful attacks
    • Enable our security teams to perform detailed and effective threat hunting across endpoint and Office data
  • With the integration of Microsoft 365 defender our organization security team get the signals about the – threats each of these product receives and thus help to determine the threat, how the environment affected, what is the impact of threat to our organization
  • Microsoft 365 Defender takes automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities.

Microsoft 365 Defender services

Microsoft 365 Defender services
fig : Microsoft 365 Defender services
  • Endpoints with Defender for Endpoint
    • Unified endpoint platform for
      • Preventive protection
      • post-breach detection
      • automated investigation and response
  • Email and collaboration with Defender for Office 365
    • Defender for Office 365 protects our organization against
      • Malicious threats posed by emails, links (URLs)
  • Identities with Defender for Identity and Azure Active Directory (Azure AD) Identity Protection
    • Defender for Identity uses ADDS (on-premises Active Directory Domain Service) alerts to – identify, detect and investigate advance threats, compromised identities
    • Automates the detection and remediation of identity – based risks in our cloud Azure AD
  • Applications with Microsoft Defender for Cloud Apps
    • SAAS solution to protect our cloud apps
  • Assets with Defender Vulnerability Management
    • Delivers
      • Continuous asset visibility
      • risk-based assessment
      • built-in remediation tools to for our security and IT teams – to prioritize and address critical vulnerabilities and misconfigurations across our organization

Licenses requirement for accessing Microsoft 365 Defender

  • Microsoft 365 E5 or A5
  • Microsoft 365 E3 with the Microsoft 365 E5 Security add-on
  • Microsoft 365 E3 with the Enterprise Mobility + Security E5 add-on
  • Microsoft 365 A3 with the Microsoft 365 A5 Security add-on
  • Windows 10 Enterprise E5 or A5
  • Windows 11 Enterprise E5 or A5
  • Enterprise Mobility + Security (EMS) E5 or A5
  • Office 365 E5 or A5
  • Microsoft Defender for Endpoint
  • Microsoft Defender for Identity
  • Microsoft Defender for Cloud Apps
  • Defender for Office 365 (Plan 2)

Roles / Permissions for Microsoft 365 Defender

  • Roles require to use Microsoft 365 defender
    • Global Azure AD roles
    • Custom role access
  • Roles require to enable / turn on Microsoft 365 Defender in Azure AD OR Global Azure AD roles – to access Microsoft 365 defender functionality and data
    • Global administrator
    • Global Administrator
    • Security Administrator
    • Security Operator
    • Global Reader
    • Security Reader
    • Compliance Administrator
    • Compliance Data Administrator
    • Application Administrator
    • Cloud Application Administrator

Microsoft 365 Defender portal

After navigating to Microsoft 365 Defender portal from Microsoft 365 Admin center we will be on Microsoft 365 Defender portal home page as

fig : Microsoft 365 Defender portal
fig : Microsoft 365 Defender portal

Turning on Microsoft 365 Defender – Microsoft 365 Defender automatically turns on when eligible users with the required permissions visit Microsoft 365 Defender portal.

References

Thanks for reading !! If its worth at least reading once, kindly please like and share !!! SHARING IS CARING 🙂

Enjoy the beautiful life !! Have a FUN !! HAVE A SAFE LIFE !! TAKE CARE 🙂

Tags:

Prasham Sabadra

LIFE IS VERY BEAUTIFUL :) ENJOY THE WHOLE JOURNEY :) Founder of Knowledge Junction and live-beautiful-life.com, Author, Learner, Passionate Techie, avid reader. Certified Professional Workshop Facilitator / Public Speaker. Scrum Foundation Professional certificated. Motivational, Behavioral , Technical speaker. Speaks in various events including SharePoint Saturdays, Boot camps, Collages / Schools, local chapter. Can reach me for Microsoft 365, Azure, DevOps, SharePoint, Teams, Power Platform, JavaScript.

You may also like...

2 Responses

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: