
Effective September 22, 2020, Microsoft are consolidating their threat protection products under the Microsoft Defender brand, delivering two experiences: Microsoft 365 Defender for end-user environments, and Azure Defender for cloud and hybrid infrastructures.

Microsoft 365 Defender prevents, detects and responds to threats across identities, endpoints, cloud apps, email and documents in end-user environments, and consists of the following rebranded products:
- Microsoft 365 Defender (previously Microsoft Threat Protection)
- Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection)
- Microsoft Defender for Office 365 (previously Office 365 Advanced Threat Protection)
- Microsoft Defender for Identity (previously Azure Advanced Threat Protection)
Azure Defender delivers capabilities to protect multi-cloud and hybrid workloads including virtual machines, databases, containers and Internet of Things (IoT), and is an evolution of the Azure Security Center threat protection capabilities, consisting of:

- Azure Defender for Servers (previously Azure Security Center Standard Edition)
- Azure Defender for IoT (previously Azure Security Center for IoT)
- Azure Defender for SQL (previously Advanced Threat Protection for SQL)
For more information, please find the announcement here: https://www.microsoft.com/security/blog/?p=91813.


For further details, please watch the explanation video here: https://www.youtube.com/watch?v=klGmsu3LK4M&feature=youtu.be.
