Microsoft spruces up Defender options

Microsoft campusSoftware king of the world, Microsoft, has announced a host of new security updates as part of its cunning plan to shove all its detection and event management services under the new Microsoft Defender brand.

The move means Vole’s extended detection and response (XDR) tools will now sit alongside its suite of security information and event management (SIEM) software, offered as a single umbrella brand .

For customers, this new direction will take the form of two separate packages, namely Microsoft 365 Defender, tailored for end-user environments, and Azure Defender, built for cloud and hybrid infrastructure. Both of these packages bring their own product name changes, with Microsoft effectively abandoning the ‘advanced threat protection (ATP)’ theme for most products.

Microsoft 365 Defender will replace all instances of Microsoft Threat Protection, the name given to the suite of products covering identity, endpoint, email, and app security, launched just two years ago.

Included in that Microsoft 365 Defender suite is an updated version of Microsoft Defender ATP, now known as Microsoft Defender for Endpoint, bringing with it expanded support for Android and iOS devices.

Microsoft Defender for Office 365, previously known as Office 365 ATP, and Microsoft Defender for Identity, previously known as Azure ATP, will also feature as part of the Microsoft 365 Defender suite.

The second package, Azure Defender, is described as an evolution of the Azure Security Center (ASC) and repurposes a number of its tools, although the original version ASC still exists. Firstly, Azure Defender for Servers will replace the standard version of ASC, while both Azure Defender for SQL and Azure Defender for IoT will both replace their respective ASC versions. All of these will be packaged inside Azure Defender.

Aside from the name changes, Azure Defender will bring a new look with a unified dashboard inside ASC, as well as expanded protection coverage for SQL on-premises, Kubernetes, and Azure Key Vault. It will also cover industrial IoT, operational technology (OT), and building management systems, largely thanks to the acquisition of CyberX in June.

Vasu Jakkal, corporate vice president of Microsoft Security, Compliance, and Identity, announcing the rebrand said that Microsoft was different from its rivals because it thinks security should not only encompass all critical aspects of security — including cybersecurity, identity and compliance — but that these components should be tightly integrated, and built right into the products and platforms that businesses are already using.”