With persistent cyber threats and Executive Order 14028 requirements announced in May 2021, there is significant pressure for government agencies to improve their security posture as well as proactively prevent and respond to attacks. Microsoft 365 Defender leverages the Microsoft 365 security portfolio to detect and help stop attacks anywhere in the kill chain. We are happy to announce that Microsoft 365 Defender is now available to GCC, GCC High and DoD customers. Microsoft 365 Defender can help government customers optimize their security by:
- Automatically preventing threats from accessing your organization and helping to stop attacks before they happen,
- Reducing confusion, clutter and alert fatigue with a single dashboard to view prioritized incidents and one place to investigate and respond to incidents holistically,
- Returning affected assets to a safe state in the broader context of an incident and automatically remediate seemingly isolated attacks.
What is Microsoft 365 Defender?
Microsoft 365 Defender provides XDR capabilities across Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Identity and Microsoft Defender for Cloud Apps in GCC, GCC High and DoD environments. Microsoft 365 Defender helps determine the full scope and impact of a threat by stitching together the threat signal received from each of these products. Microsoft 365 Defender can help identify initial threat entry, the scope of the issue, and how it’s currently impacting the organization. It also can take automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities.
Microsoft 365 Defender services protect:
- Endpoints with Defender for Endpoint – Defender for Endpoint is a unified endpoint platform for preventative protection, post-breach detection, automated investigation, and response.
- Email and collaboration with Defender for Office 365 – Defender for Office 365 safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools.
- Identities with Defender for Identity and Azure Active Directory (Azure AD) Identity Protection – Defender for Identity uses your on-premises Active Directory Domain Services (AD DS) signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. Azure AD Identity Protection automates the detection and remediation of identity-based risks in your cloud-based Azure AD.
- Applications with Microsoft Defender for Cloud Apps – Microsoft Defender for Cloud Apps is a comprehensive cross-SaaS solution bringing deep visibility, strong data controls, and enhanced threat protection to your cloud apps.