Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Microsoft Extending Threat Protection Portfolio, Unifying Security Solutions

Microsoft announced on Tuesday at its Ignite 2020 conference that it has extended its threat protection portfolio and it has unified some of its cybersecurity solutions.

Microsoft announced on Tuesday at its Ignite 2020 conference that it has extended its threat protection portfolio and it has unified some of its cybersecurity solutions.

The company says its goal is to provide the “most comprehensive” XDR solution on the market by unifying all XDR technologies under the Microsoft Defender brand. Microsoft Defender includes Microsoft 365 Defender, formerly Microsoft Threat Protection, and Azure Defender, which includes the cloud workload protections in the Azure Security Center.

Azure Defender, which provides XDR capabilities for Azure and hybrid resources, is expected to become the default later this month.

Microsoft says Azure Defender can now protect SQL servers in the cloud and on premises, as well as virtual machines in other clouds, thanks to Azure Act support. As for container security in Azure, the tech giant told customers that its Kubernetes and Container Registry services (now called Azure Defender for Kubernetes and Azure Defender for Container Registries) have received some new features that should provide enhanced protection for containers.

Azure Security Center for IoT is now called Azure Defender for IoT. The solution, powered by technology obtained from the recently acquired industrial cybersecurity firm CyberX, provides agentless protection for devices in OT networks.

“The integration enables continuous IoT/OT asset discovery, vulnerability management and threat monitoring for both greenfield and brownfield devices. Integration with Azure Sentinel, the security information and event manager (SIEM), provides OT-specific SOAR playbooks plus unified security monitoring and governance across both IT and OT networks,” Microsoft explained.

Microsoft Defender now also integrates with Azure Sentinel, the cloud-native SIEM.

Microsoft 365 Defender includes Defender for Endpoint (formerly Defender Advanced Threat Protection), which has been extended to the Android and iOS mobile platforms, providing protection against phishing, proactive scanning of apps and files, breach mitigation, and visibility into mobile threats.

Advertisement. Scroll to continue reading.

Microsoft Defender for Office 365 is the new name of Office 365 Advanced Threat Protection. Currently in public preview, the solution enables security teams to prioritize the protection of the most targeted individuals in their organization.

Microsoft also announced a new Compliance Manager that “offers a vast library of assessments for expanded regulatory coverage, built-in automation to detect tenant settings and step-by-step guidance for intuitive compliance management.”

The company also revealed that it has partnered with the MilGears program of the U.S. Department of Defense and Trident University for a decentralized identity pilot in which service members will be able to store a verified service record and transcript of completed courses on their phone in a digital wallet.

Also related to identity solutions, Microsoft introduced new connectors and APIs designed to help users protect their identities, services and apps across cloud environments.

Related: Microsoft Announces Public Preview of Application Guard for Office

Related: New Security Capabilities Announced for Microsoft 365, Azure

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.