Microsoft Defender XDR

• Identity protection

  We can help protect your organisation from attacks against your cloud and on-premises identities, and identify legacy on-prem AD misconfigurations, using Microsoft Defender for Identity and Microsoft Entra ID.

• Protection for productivity

  We can help you reduce the threats of phishing, malware, and ransomware with Microsoft Defender for Office 365’s powerful security capabilities for email, files, and collaboration tools.

• Endpoint security

  Use Microsoft Defender for Endpoint to enhance your endpoint security posture by detecting and mitigating threats, identifying vulnerabilities, and providing real-time response capabilities across your devices and servers.

• App security

  If you’re using SaaS cloud apps, we can help you can monitor and protect your cloud app data effectively with Microsoft Defender for Cloud Apps.

Frequently asked questions (FAQs)

• What is XDR?

  XDR stands for Extended Detection & Response. Its a type of cybersecurity solution that integrates multiple data sources and tools.

  XDR goes beyond conventional security solutions that focus only on endpoints. XDR can also safeguard identities, email, applications, infrastructure, data and networks for a more holistic security approach. You can read our article “What are the benefits of XDR?” for more detail.

  Microsoft’s XDR platforms include Microsoft Defender XDR (endpoints, identity, cloud services, apps, data) and Microsoft Defender for Cloud (servers, on-premise/hybrid/cloud, networks).

  To understand how XDR differs from EDR, MDR and MXDR, read our article that explains these acronyms and how the solutions and services differ.

• What is MXDR?

  MXDR is an acronym for Managed Extended Detection & Response, a type of managed security service that leverages XDR technology to safeguard the clients’ organisations from cyber threats.

  Some people may call it “Managed XDR”, but Microsoft is now using the term “MXDR” and it has become widely accepted in the industry.

  To learn more about MXDR, you can check out our articles “What is MXDR?” and “What are the benefits of MXDR?” that cover what you need to know about an MXDR service.

• Is Microsoft Defender XDR the new name for Microsoft 365 Defender?

  Yes. Microsoft announced they were renaming “Microsoft 365 Defender” as “Microsoft Defender XDR” at Microsoft Ignite in November 2023.

• What is Microsoft Defender for Identity?

  Microsoft Defender for Identity is part of Microsoft Defender XDR. It helps protect against attacks on any on-premises identities if you still use Active Directory and domain controllers for any legacy systems. By installing the Defender for Identity sensor on your domain controllers, you can monitor your network traffic. You’ll benefit from a host of detections, which flag any suspicious activity or attacks on Active Directory, as well as various unified response actions, which cover both on-premise and cloud accounts, without having to take separate actions for both.

  Microsoft Defender for Identity also helps you improve your on-premises security posture. It can help identify risky misconfigurations in Active Directory, such as dormant accounts with admin privileges or accounts not requiring passwords. Due to the age of Active Directory technology, many organisations have legacy misconfigurations from years or decades ago, which could pose serious security vulnerabilities for attackers to exploit.

• What is Microsoft Defender for Endpoint?

  Microsoft Defender for Endpoint is part of Microsoft Defender XDR. It’s a powerful unified endpoint security platform that proactively protects your devices from advanced cyber threats, and also provides post-breach detection, automated investigation and response capabilities. It combines modern endpoint detection & response (EDR) capabilities with antivirus (AV) to provide an industry-leading endpoint protection solution.

  It uses a combination of Windows OS sensors, cloud analytics, and threat intelligence to detect and respond to attacks in near real time. It also helps you reduce your attack surface by identifying and remediating vulnerabilities and misconfigurations on your endpoints.

  Where automation isn’t sufficient and human attention is required, Microsoft Defender for Endpoint gives our security analysts the tools to take a wide range of response actions to investigate and respond to threats. For example, isolating machines remotely.

• What is Microsoft Defender for Office 365?

  Microsoft Defender for Office 365 is part of Microsoft Defender XDR. It’s a cloud-based security solution that helps protect your organisation against advanced threats to your email and collaboration tools, such as phishing, ransomware and malware.

• What is Microsoft Defender for Cloud Apps?

  Microsoft Defender is part of Microsoft Defender XDR. It helps you secure your SaaS cloud applications, enabling you to discover, assess, and manage the risks of your cloud app usage, and also provides advanced threat protection and response capabilities.

  It’s a Cloud Access Security Broker (CASB) and provides visibility and control over data travel, with sophisticated analytics to identify risks and protect your cloud services.

Companies we work with