In today's digital-first world, cyber security has become more important than ever. To address people's complex security needs, Microsoft has announced a complete rebranding of its multiple service offerings as Microsoft Defender XDR.
What is XDR?
Initial security offerings were limited to anti-virus, whose sole focus was detection.
EDR was the next evolution. It stands for Endpoint Detection and Response, but EDR was focused on endpoints.
XDR extends the range of EDR. It stands for Extended Detection and Response.
What is Microsoft Defender XDR?
Microsoft Defender XDR is the most comprehensive XDR in the market today and prevents, detects, and responds to threats across identities, endpoints, applications, email, IoT, infrastructure, and cloud platforms. It also includes many new capabilities, including additional multi-cloud (Google Cloud and AWS) and multi-platform (Windows, Mac, Linux, Android, and iOS) support.
Microsoft Defender comes in two main categories:
- Secure Identities. Microsoft Defender for Identity (previously Azure Advanced Threat Protection)
- Secure Endpoints. Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection). Microsoft Defender for Endpoint delivers preventative protection, post-breach detection, automated investigation, and response. It extends mobile threat defense capabilities to iOS and Android.
- Secure Cloud apps. Microsoft Cloud App Security is a Cloud Access Security Broker (CASB). It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats across all your cloud services.
- Secure Email and Documents. Microsoft Defender for Office 365 (previously Office 365 Advanced Threat Protection).
- Azure Defender for servers (previously Azure Security Center Standard Edition). It adds threat detection and advanced defenses for your Windows and Linux machines. For Windows, Azure Defender integrates with Azure services to monitor and protect your Windows-based machines. Security Center presents the alerts and remediation suggestions from all of these services in an easy-to-use format. For Linux, Azure Defender collects audit records from Linux machines by using auditd, one of the most common Linux auditing frameworks. auditd lives in the mainline kernel.
- Azure Defender for App Service
- Azure Defender for Storage
- Azure Defender for SQL
- Azure Defender for IoT
- Azure Defender for Kubernetes
- Azure Defender for container registries
- Azure Defender for Key Vault