Describe threat protection with Microsoft Defender XDR Flashcards
Describe Microsoft Defender XDR
Microsoft Defender XDR is an enterprise defense suite that protects against sophisticated cyberattacks. With Microsoft Defender XDR, you can natively coordinate the detection, prevention, investigation, and response to threats across endpoints, identities, email, and applications.
Describe Microsoft Defender for Office 365
Microsoft Defender for Office 365 is a seamless integration into your Office 365 subscription that protects against threats, like phishing and malware, that arrive in email links, attachments, or collaboration tools like SharePoint, Teams, and Outlook.
It provides admins and security operations teams with a wide range of capabilities:
-Preset security policies
-Threat protection policies
-Reports
-Threat investigation and response capabilities
-Automated investigation and response capabilities
Describe Microsoft Defender for Endpoint
Microsoft Defender for Endpoint is a platform designed to help enterprise networks protect endpoints including laptops, phones, tablets, PCs, access points, routers, and firewalls.
Microsoft Defender for Endpoint includes:
-Core Defender Vulnerability Management
-Attack surface reduction
-Next-generation protections
-Endpoint detection and response
-Automated investigation and remediation (AIR)
-Microsoft Secure Score for Devices
-Microsoft Threat Experts
-Management and APIs
Describe Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps delivers full protection for SaaS applications, helping you monitor and protect your cloud app data across the following feature areas:
-SaaS Security Posture Management (SSPM): Defender for Cloud Apps helps by recommending specific actions to strengthen posture.
-Advanced threat protection
-App-to-app protection with app governance
Describe Microsoft Defender for Identity
Microsoft Defender for Identity is a cloud-based security solution. It uses your on-premises Active Directory data to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.
Describe Microsoft Defender Vulnerability Management
Defender Vulnerability Management delivers asset visibility, intelligent assessment, and built-in remediation tools for Windows, macOS, Linux, Android, iOS, and network devices.
It offers:
-Continuous asset discovery and monitoring
-Risk-based intelligent prioritization
-Remediation & tracking
Describe Microsoft Defender Threat Intelligence
Microsoft Defender Threat Intelligence (Defender TI) helps streamline security analyst triage, incident response, threat hunting, and vulnerability management workflows. Defender TI aggregates and enriches critical threat information in an easy-to-use interface.
It has a home page where you can see different threats; it looks like a blog post, but they say it is not a blog.
Describe the Microsoft Defender portal
The Microsoft Defender portal combines protection, detection, investigation, and response to devices, identities, endpoints, email & collaboration, and cloud apps, in a central place.