Endpoint for Microsoft Defender for Cloud and Critical Insight MDR

The Defender family of products combined with the widespread deployment of Microsoft-based infrastructure solutions in our clients makes delivering a joined-up cyber defense posture and integrated security easier — from the cloud, through back-end servers, and on to each endpoint.

Microsoft Defender for Endpoint has a significant market share for endpoint protection within the Microsoft enterprise landscape. It also scores highly in Gartner's Magic Quadrant for EDR. In the latest EDR Quadrant, it is the highest-ranked on Ability to Execute and second for Completeness of Vision. The Defender family of cybersecurity solutions builds on the core endpoint protection.

What is Microsoft Defender for Cloud?

Defender for Cloud strengthens the security posture of cloud resources running on Azure, hybrid, and other non-Microsoft cloud platforms. It provides cyber protection in three critical areas for cloud and hybrid deployments:

  • Continuous assessment - analysis of the cloud environment to provide cybersecurity teams with a score that reflects the current risk level.
  • Recommendations to secure the environment - delivers an actionable list of tasks and changes that system admins should carry out to reduce the risk score.
  • Defense alerting - detect threats and attack metrics in real time within the cloud-based infrastructure. Get alerts that feed into SIEM, SOAR, and other IT service management systems.

Microsoft Defender for Cloud operates via two main areas of protection. They are:

  • Cloud security posture management (CSPM) - delivers visibility of the threats in the cloud infrastructure and provides guidance on what remedial actions to take to reduce the risk.
  • Cloud workload protection (CWP) - the alerting engine that provides alerts and warnings about anomalous behavior. In Defender for Cloud, the alerts that Defender generates vary depending on the Defender subscription plan in place. Critical Insight's cybersecurity consultants can advise on the best Defender plan for an organization.

In addition to protecting resources in Microsoft Azure, Defender for Cloud can also protect workloads running in Amazon Web Services and Google Cloud.

Critical Insight MDR Services

Protecting cloud-hosted resources is a core part of the Critical Insight Managed Detection and Response (MDR) offering. Critical Insight's MDR provides expert-led services covering the core pillars of a cybersecurity defense strategy. The diagram below illustrates the Critical Insight cybersecurity MDR services (this is the top half of our Defense Services Wheel).

Cloud protection is one of five essential components within our MDR service's 24x7 Threat Detection and Investigation component, alongside protection of SaaS cloud services such as Microsoft 365, endpoints, on-premises servers & networks, and the exponentially growing IoT and connected device landscape.

See Also: Microsoft EDR and MDR