Microsoft Defender interactive security guide

Microsoft recently announced the availability of four new interactive guides about Microsoft Security technologies. Interactive guides are hands-on experiences where customers can interact with Microsoft security products in complex scenarios. Users are provided end-to-end, in-depth, and step-by-step guidance during these technical experiences.

Learn more about Microsoft Defender and Azure Sentinel in this post and watch the newly released interactive guides on demand:

Microsoft Defender for Office 365

View the interactive guide to find out how Microsoft Defender for Office 365 can help define protection policies, analyze threats to organizations, and respond to attacks.

Safeguard your organization with Microsoft Defender for Office 365

What is Microsoft Defender for Office 365?

Microsoft Defender for Office 365 helps safeguard organizations against malicious threats posed by email messages, links (URLs), and collaboration tools. Defender for Office 365 includes:

Microsoft Defender for Office 365 Plans

Feature Defender for Office 365 Plan 1 Defender for Office 365 Plan 2 Microsoft 365 E5 / A5 Security
Configuration, protection, and detection
Safe Attachments Yes Yes Yes
Safe Attachments in Teams Yes Yes Yes
Safe Links Yes Yes Yes
Safe Documents No No Yes
Safe Links in Teams Yes Yes Yes
ATP for SharePoint, OneDrive, and Microsoft Teams Yes Yes Yes
Anti-phishing policies Yes Yes Yes
Real-time reports Yes Yes Yes
Automation, investigation, remediation, and education
Threat Trackers No Yes Yes
Threat investigation (advanced threat investigation) Real-time detections Explorer Explorer
Automated incident response No Yes Yes
Attack Simulator No Yes Yes
Integration with Microsoft 365 Defender No Yes Yes
  • Microsoft Defender for Office 365 Plan 2 is included in Office 365 E5, Office 365 A5, Microsoft 365 E5 Security, and Microsoft 365 E5.
  • Microsoft Defender for Office 365 Plan 1 is included in Microsoft 365 Business Premium.
  • Microsoft Defender for Office 365 Plan 1 and Microsoft Defender for Office 365 Plan 2 are each available as an add-on for certain subscriptions.

Microsoft Defender for Identity

View the interactive guide to discover how Microsoft Defender for Identity can help you examine suspicious activities, trace lateral movement, and prevent future breaches. Investigate and respond to attacks with Microsoft Defender for Identity

What is Microsoft Defender for Identity?

Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution, which leverages on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

Defender for Identity enables SecOp analysts and security professionals struggling to detect advanced attacks in hybrid environments to:

  • Monitor users, entity behavior, and activities with learning-based analytics
  • Protect user identities and credentials stored in Active Directory
  • Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
  • Provide clear incident information on a simple timeline for fast triage

Microsoft Defender for Identity plans 

Defender for Identity is available as part of Enterprise Mobility + Security 5 suite (EMS E5), and as a standalone license.

Save time managing your Office 365 licenses using the Inscape platform. Start using Inscape today!

Microsoft Defender for Endpoint

View the interactive guide to learn how you can leverage Threat and Vulnerability Management in Microsoft Defender for Endpoint to help identify vulnerabilities in real time, assess threats to the organization, and remediate endpoint weaknesses.

Reduce organizational risk with Threat and Vulnerability Management in Microsoft Defender for Endpoint

What is Microsoft Defender for Endpoint?

Microsoft 365 Defender unifies your incident response process by integrating key capabilities across Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Cloud App Security, and Microsoft Defender for Identity. This unified experience adds powerful features you can access in the Microsoft 365 security center.

Microsoft 365 Defender automatically turns on when eligible customers with the required permissions visit Microsoft 365 security center. Read this article to understand various prerequisites and how Microsoft 365 Defender is provisioned.

Microsoft Defender for Endpoint plans

A license to a Microsoft 365 security product generally entitles you to use Microsoft 365 Defender in Microsoft 365 security center without additional licensing cost. We do recommend getting a Microsoft 365 E5, E5 Security, A5, or A5 Security license or a valid combination of licenses that provides access to all supported services.

Azure Sentinel (SIEM)

View the interactive guide to explore how you can leverage Azure Sentinel to view the full scope of an attack, see connections across data sources, and respond to threats using automated playbooks. Investigate an attack on a hybrid environment with Azure Sentinel

What is Azure Sentinel?

Microsoft Azure Sentinel is a scalable, cloud-native, security information event management (SIEM) and security orchestration automated response (SOAR) solution. Azure Sentinel delivers intelligent security analytics and threat intelligence across the enterprise, providing a single solution for alert detection, threat visibility, proactive hunting, and threat response.

Azure Sentinel is your birds-eye view across the enterprise alleviating the stress of increasingly sophisticated attacks, increasing volumes of alerts, and long resolution time frames.

  • Collect data at cloud scale across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds.
  • Detect previously undetected threats, and minimize false positives using Microsoft’s analytics and unparalleled threat intelligence.
  • Investigate threats with artificial intelligence, and hunt for suspicious activities at scale, tapping into years of cyber security work at Microsoft.
  • Respond to incidents rapidly with built-in orchestration and automation of common tasks.

How to get Azure Sentinel

A Microsoft Azure subscription is needed to get started with Azure Sentinel. You can request a free trial of Azure Sentinel with MessageOps here:

Was this article helpful?