Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Microsoft Extending Threat Protection Portfolio, Unifying Security Solutions

Microsoft announced on Tuesday at its Ignite 2020 conference that it has extended its threat protection portfolio and it has unified some of its cybersecurity solutions.

Microsoft announced on Tuesday at its Ignite 2020 conference that it has extended its threat protection portfolio and it has unified some of its cybersecurity solutions.

The company says its goal is to provide the “most comprehensive” XDR solution on the market by unifying all XDR technologies under the Microsoft Defender brand. Microsoft Defender includes Microsoft 365 Defender, formerly Microsoft Threat Protection, and Azure Defender, which includes the cloud workload protections in the Azure Security Center.

Azure Defender, which provides XDR capabilities for Azure and hybrid resources, is expected to become the default later this month.

Microsoft says Azure Defender can now protect SQL servers in the cloud and on premises, as well as virtual machines in other clouds, thanks to Azure Act support. As for container security in Azure, the tech giant told customers that its Kubernetes and Container Registry services (now called Azure Defender for Kubernetes and Azure Defender for Container Registries) have received some new features that should provide enhanced protection for containers.

Azure Security Center for IoT is now called Azure Defender for IoT. The solution, powered by technology obtained from the recently acquired industrial cybersecurity firm CyberX, provides agentless protection for devices in OT networks.

“The integration enables continuous IoT/OT asset discovery, vulnerability management and threat monitoring for both greenfield and brownfield devices. Integration with Azure Sentinel, the security information and event manager (SIEM), provides OT-specific SOAR playbooks plus unified security monitoring and governance across both IT and OT networks,” Microsoft explained.

Microsoft Defender now also integrates with Azure Sentinel, the cloud-native SIEM.

Microsoft 365 Defender includes Defender for Endpoint (formerly Defender Advanced Threat Protection), which has been extended to the Android and iOS mobile platforms, providing protection against phishing, proactive scanning of apps and files, breach mitigation, and visibility into mobile threats.

Microsoft Defender for Office 365 is the new name of Office 365 Advanced Threat Protection. Currently in public preview, the solution enables security teams to prioritize the protection of the most targeted individuals in their organization.

Microsoft also announced a new Compliance Manager that “offers a vast library of assessments for expanded regulatory coverage, built-in automation to detect tenant settings and step-by-step guidance for intuitive compliance management.”

The company also revealed that it has partnered with the MilGears program of the U.S. Department of Defense and Trident University for a decentralized identity pilot in which service members will be able to store a verified service record and transcript of completed courses on their phone in a digital wallet.

Also related to identity solutions, Microsoft introduced new connectors and APIs designed to help users protect their identities, services and apps across cloud environments.

Related: Microsoft Announces Public Preview of Application Guard for Office

Related: New Security Capabilities Announced for Microsoft 365, Azure

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.