Microsoft Defender for Endpoint – More
I wrote about this product shortly after it changed names back in November 2020, but it is worth writing about it again.
First, let me say that I think Microsoft 365 is an incredible value to organizations. It contains not only the operating system, productivity tools and endpoint management tools but also, embedded by design, many of the security pieces organizations need to keep their identity, data, applications and endpoints strongly protected and secure (see blog on: Zero Trust Security and MDM). To my knowledge, the level of integration and scale of this complex and flexible platform is unparalleled.
Many organizations have deployed only a portion of their Microsoft 365 workloads. Perhaps they started with their email migrations from Exchange on-prem to Exchange Online, followed by the deployment of Windows 10 or Microsoft 365 Enterprise Apps (formerly Office 365 Pro Plus). They then proceeded to use Microsoft Endpoint Manager (Intune) along with Windows Autopilot, followed by OneDrive and SharePoint, and now they are deploying Microsoft Teams.
Now businesses, large and small, are asking why they are paying for double licenses for tools to manage multifactor authentication and single sign-on, and of course endpoint security is no exception. They have the licenses already, so why not use them?
Microsoft Defender for Endpoint.
Microsoft Defender for Endpoint (formerly Microsoft Defender ATP) delivers preventative protection, post-breach detection, automated investigation, and response.
Microsoft Defender for Endpoint is a holistic, cloud-delivered endpoint security solution that includes risk-based vulnerability management and assessment, attack surface reduction, behavioral-based and cloud-powered next-generation protection, endpoint detection and response (EDR), automatic investigation and remediation, managed hunting services, rich APIs, and unified security management.
If you were familiar with the old Microsoft Defender, you need to look at the new Microsoft Defender for Endpoint. It is completely revamped and supports Windows, Mac, iOS, Linux and Android devices. This short (4m) architecture video will give you a great overview of the Azure-based platform and the Microsoft Defender Security Center.
Microsoft Defender vs Microsoft Defender for Endpoint
While Microsoft Defender is available at no additional charge with Windows 10, the full version of Microsoft Defender for Endpoint is only available to users with an E5 or A5 licensing level (See more here).
The full 8-page comparison PDF file for Windows 10 Commercial editions
You may be asking: why post about this again?
For the following primary reasons:
- We have all seen an uptick in the number of cyber-threats going around and actually attacking businesses.
- We are having many more conversations with our customers about Zero Trust security.
- And finally, this tweet (how cool is this!):