Microsoft recently announced the availability of four new interactive guides about Microsoft Security technologies. Interactive guides are hands-on experiences where customers can interact with Microsoft security products in complex scenarios. Users are provided end-to-end, in-depth, and step-by-step guidance during these technical experiences.
Learn more about Microsoft Defender and Azure Sentinel in this post and watch the newly released interactive guides on demand:
Microsoft Defender for Office 365
View the interactive guide to find out how Microsoft Defender for Office 365 can help define protection policies, analyze threats to organizations, and respond to attacks.
Safeguard your organization with Microsoft Defender for Office 365
What is Microsoft Defender for Office 365?
Microsoft Defender for Office 365 helps safeguard organizations against malicious threats posed by email messages, links (URLs), and collaboration tools. Defender for Office 365 includes:
- Threat protection policies: Define threat protection policies to set the appropriate level of protection for your organization.
- Reports: View real-time reports to monitor Defender for Office 365 performance in your organization.
- Threat investigation and response capabilities: Use leading-edge tools to investigate, understand, simulate, and prevent threats.
- Automated investigation and response capabilities: Save time and effort investigating and mitigating threats.
Microsoft Defender for Office 365 Plans
Feature | Defender for Office 365 Plan 1 | Defender for Office 365 Plan 2 | Microsoft 365 E5 / A5 Security |
---|---|---|---|
Configuration, protection, and detection | | | |
Safe Attachments | Yes | Yes | Yes |
Safe Attachments in Teams | Yes | Yes | Yes |
Safe Links | Yes | Yes | Yes |
Safe Documents | No | No | Yes |
Safe Links in Teams | Yes | Yes | Yes |
ATP for SharePoint, OneDrive, and Microsoft Teams | Yes | Yes | Yes |
Anti-phishing policies | Yes | Yes | Yes |
Real-time reports | Yes | Yes | Yes |
Automation, investigation, remediation, and education | | | |
Threat Trackers | No | Yes | Yes |
Threat investigation (advanced threat investigation) | Real-time detections | Explorer | Explorer |
Automated incident response | No | Yes | Yes |
Attack Simulator | No | Yes | Yes |
Integration with Microsoft 365 Defender | No | Yes | Yes |
- Microsoft Defender for Office 365 Plan 2 is included in Office 365 E5, Office 365 A5, Microsoft 365 E5 Security, and Microsoft 365 E5.
- Microsoft Defender for Office 365 Plan 1 is included in Microsoft 365 Business Premium.
- Microsoft Defender for Office 365 Plan 1 and Microsoft Defender for Office 365 Plan 2 are each available as an add-on for certain subscriptions.
Microsoft Defender for Identity
View the interactive guide to discover how Microsoft Defender for Identity can help you examine suspicious activities, trace lateral movement, and prevent future breaches.
Investigate and respond to attacks with Microsoft Defender for Identity
What is Microsoft Defender for Identity?
Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution that leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
Defender for Identity enables SecOp analysts and security professionals struggling to detect advanced attacks in hybrid environments to:
- Monitor users, entity behavior, and activities with learning-based analytics
- Protect user identities and credentials stored in Active Directory
- Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
- Provide clear incident information on a simple timeline for fast triage
Microsoft Defender for Identity plans
Defender for Identity is available as part of the Enterprise Mobility + Security 5 suite (EMS E5), and as a standalone license.
Microsoft Defender for Endpoint
View the interactive guide to learn how you can leverage Threat and Vulnerability Management in Microsoft Defender for Endpoint to help identify vulnerabilities in real time, assess threats to the organization, and remediate endpoint weaknesses.
What is Microsoft Defender for Endpoint?
Microsoft 365 Defender unifies your incident response process by integrating key capabilities across Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Cloud App Security, and Microsoft Defender for Identity. This unified experience adds powerful features you can access in the Microsoft 365 security center.
Microsoft 365 Defender automatically turns on when eligible customers with the required permissions visit Microsoft 365 security center. Read this article to understand various prerequisites and how Microsoft 365 Defender is provisioned.
Microsoft Defender for Endpoint plans
A license to a Microsoft 365 security product generally entitles you to use Microsoft 365 Defender in Microsoft 365 security center without additional licensing cost. We do recommend getting a Microsoft 365 E5, E5 Security, A5, or A5 Security license or a valid combination of licenses that provides access to all supported services.
Azure Sentinel (SIEM)
View the interactive guide to explore how you can leverage Azure Sentinel to view the full scope of an attack, see connections across data sources, and respond to threats using automated playbooks.
Investigate an attack on a hybrid environment with Azure Sentinel
What is Azure Sentinel?
Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.
Azure Sentinel is your bird's-eye view across the enterprise, alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.
- Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
- Detect previously undetected threats, and minimize false positives using Microsoft’s analytics and unparalleled threat intelligence.
- Investigate threats with artificial intelligence, and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft.
- Respond to incidents rapidly with built-in orchestration and automation of common tasks.
How to get Azure Sentinel
A Microsoft Azure subscription is needed to get started with Azure Sentinel. You can request a free trial of Azure Sentinel with MessageOps here: https://messageops.com/get-started/