{"id":22533,"date":"2023-07-24T17:01:29","date_gmt":"2023-07-25T01:01:29","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/07\/24\/news-16263\/"},"modified":"2023-07-24T17:01:29","modified_gmt":"2023-07-25T01:01:29","slug":"news-16263","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/07\/24\/news-16263\/","title":{"rendered":"Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats"},"content":{"rendered":"<p><strong>Credit to Author: Microsoft Security Experts| Date: Mon, 24 Jul 2023 16:00:00 +0000<\/strong><\/p>\n<p>It has been an eventful time since the introduction of Microsoft Security Experts.<sup>1<\/sup> We launched Defender Experts for Hunting, our first-party managed threat hunting service for customers who want Microsoft to help them proactively hunt threats across endpoints, Microsoft Office 365, cloud applications, and identity.<sup>2<\/sup> We also participated in the inaugural 2022 MITRE Engenuity ATT&amp;CK\u00ae Evaluations for Managed Services, where Microsoft demonstrated industry-leading results.<sup>3<\/sup> And finally, we announced the general availability of <a href=\"https:\/\/www.microsoft.com\/security\/business\/services\/microsoft-defender-experts-xdr\">Microsoft Defender Experts for XDR<\/a>, our first-party Managed Extended Detection and Response (MXDR) service.<sup>4<\/sup> We\u2019re excited about the launch of our newest service, so let\u2019s take a deeper look at Defender Experts for XDR and how it works.<\/p>\n<div class=\"wp-block-msxcm-cta-block\" data-moray data-bi-an=\"CTA Block\">\n<div class=\"card d-block mx-ng mx-md-0\">\n<div class=\"row no-gutters bg-gray-800 text-white\">\n<div class=\"d-flex col-md\">\n<div class=\"card-body align-self-center p-4 p-md-5\">\n<h2>Microsoft Defender Experts for XDR<\/h2>\n<div class=\"mb-3\">\n<p>Meet the new first-party MXDR services from Microsoft with end-to-end protection and 
expertise.<\/p>\n<\/p><\/div>\n<div class=\"link-group\"> \t\t\t\t\t\t\t<a href=\"https:\/\/www.microsoft.com\/security\/business\/services\/microsoft-defender-experts-xdr\" class=\"btn btn-primary bg-body text-body\" > \t\t\t\t\t\t\t\t<span>Learn more<\/span> \t\t\t\t\t\t\t\t<span class=\"glyph-append glyph-append-chevron-right glyph-append-xsmall\"><\/span> \t\t\t\t\t\t\t<\/a> \t\t\t\t\t\t<\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"col-md-4\"> \t\t\t\t\t<img width=\"1024\" height=\"666\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Win17_CDOC_1533-1-1024x666.jpg\" class=\"card-img img-object-cover\" alt=\"Microsoft Cyber Defense Operations Center.\" decoding=\"async\" loading=\"lazy\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Win17_CDOC_1533-1-1024x666.jpg 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Win17_CDOC_1533-1-300x195.jpg 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Win17_CDOC_1533-1-768x499.jpg 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Win17_CDOC_1533-1.jpg 1200w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t<\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<h2 class=\"wp-block-heading\">Defender Experts for XDR builds on Microsoft\u2019s industry-leading XDR suite<\/h2>\n<p>Industry-leading technologies serve as the backbone of any managed security service, and Defender Experts for XDR builds on the defining benchmark that Microsoft 365 Defender has set in the extended detection and response space. 
Microsoft was <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2021\/10\/18\/microsoft-achieves-a-leader-placement-in-forrester-wave-for-xdr\/\">named a Leader<\/a> in The Forrester New Wave\u2122: Extended Detection and Response (XDR), Q4, 2021, one of only two providers to be named a Leader.<sup>5<\/sup> <a href=\"https:\/\/www.microsoft.com\/security\/business\/threat-protection\/microsoft-365-defender\">Microsoft 365 Defender<\/a> was rated as \u201cdifferentiated\u201d in seven criteria including detection, investigation, response, and remediation. Forrester noted that our decision to regulate inputs into XDR, specifically to rich, native telemetry, yields tailored detection, investigation, response, and mitigation capabilities.<\/p>\n<p>Forrester notes that \u201cthere is a deep divide in the XDR market between those far along the path and those just starting to deliver on the vision of XDR\u201d and those mature providers \u201ccombine the best elements of their portfolios, including industry-leading products, to simplify incident response and build targeted, high-efficacy detections.\u201d<\/p>\n<p>The right and leading technologies are crucial to implementing managed services. 
Microsoft has a leading endpoint detection and response (EDR) solution, and while EDR is important and serves a valuable purpose, it is insufficient as the only method to protect against evolving threats.<sup>6<\/sup> In addition, \u201ctoo many tools, or worse, duplicate tools in the SOC [security operations center] need to be rationalized and managed security services like MDR [managed detection and response] are increasingly seen as not only a cost savings opportunity but also as a way to rapidly mature their capabilities.\u201d<sup>7<\/sup> With Microsoft\u2019s <a href=\"https:\/\/www.microsoft.com\/security\/business\/solutions\/extended-detection-response-xdr\">XDR solution<\/a> coupled with Defender Experts for XDR, we can deliver end-to-end protection and expertise.<\/p>\n<h2 class=\"wp-block-heading\">How Microsoft Defender Experts for XDR works<\/h2>\n<p>Our Defender Experts team delivers the essential human element that complements the power of our Microsoft 365 Defender suite. They are the tip of the spear\u2014taking unparalleled access to data and intelligence across nation-state and e-crime activity, new vulnerability data, newly observed tactics and techniques, and more to analyze and curate a hypothesis-led hunting strategy to find emerging, suspicious activities, and in turn deliver expertise to your security team immediately to help address coverage gaps and augment your overall security operations.<\/p>\n<figure class=\"wp-block-image size-large is-resized\"><img decoding=\"async\" loading=\"lazy\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture1-1024x364.webp\" alt=\"Diagram that describes the four steps of the continuous security posture improvements, including triage, investigate, respond, and prevent. 
\" class=\"wp-image-131028 webp-format\" width=\"724\" height=\"257\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture1-1024x364.webp 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture1-300x107.webp 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture1-768x273.webp 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture1-1536x545.webp 1536w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture1.webp 1625w\" data-orig-src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture1-1024x364.webp\"><\/figure>\n<p><em>Figure 1. This diagram describes how Microsoft conducts its four-step Defender Experts for XDR process. It starts with triage and prioritizing Microsoft 365 Defender incidents and alerts to alleviate alert fatigue. Microsoft investigates and analyzes the most critical incidents first, documenting the process and findings. In the response step, Microsoft helps contain and mitigate incidents faster by delivering step-by-step guided and managed response, with Defender Experts available on-demand by live chat. Detailed recommendations and best practices are then provided to prevent future attacks. This process delivers continuous security posture improvements around the clock.<\/em><\/p>\n<p>As an extension of your team, Defender Experts for XDR empowers you to respond with confidence. Our Defender Experts work around the clock, monitoring your environment and triaging the incidents that need immediate attention. In the event your organization is being affected by a critical incident, our team will investigate it, correlate the threat data to determine the root cause, and provide step-by-step response actions you need to take to contain and remediate the threat. 
You can take it further and give us permission to contain and remediate the threat for you.<\/p>\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture4-1024x591.webp\" alt=\"Screenshot of a multistage incident in the Microsoft 365 Defender dashboard. \" class=\"wp-image-131030 webp-format\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture4-1024x591.webp 1024w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture4-300x173.webp 300w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture4-768x443.webp 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture4.webp 1497w\" data-orig-src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture4-1024x591.webp\"><\/figure>\n<p><em>Figure 2. This graphic shows a multistage incident in Microsoft 365 Defender. It includes the attack story of the active alerts related to the incident as well as the Defender Experts section that shows the guided response that includes the actions needed to resolve the incident immediately.<\/em><\/p>\n<p>This is all available to you in a turnkey experience, where you can get up and running in hours, with the help of your dedicated service delivery manager (SDM)\u2014your trusted advisor, who is available to you at any given time. And if you have any questions or need additional context on a particular incident, you can access our experts around the clock through live chat. 
Our detailed, real-time reporting shows you the comprehensive details of investigations into critical incidents, and how long it takes for our team to conduct the investigations on your behalf.<\/p>\n<figure class=\"wp-block-image size-full\"><img decoding=\"async\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture2-2.webp\" alt=\"This graphic shows an excerpt from a Defender Experts for XDR report that includes a bar graph that shows all incidents by severity and a customer&rsquo;s activity versus the Defender Experts activity. \" class=\"wp-image-131058 webp-format\" srcset=\"\" data-orig-src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2023\/07\/Picture2-2.webp\"><\/figure>\n<p><em>Figure 3. The graph highlights the number of hours that a customer spent completing guided response tasks and the potential time savings a customer can realize if Defender Experts for XDR handles response on their behalf.<\/em><\/p>\n<p>\u201cDefender Experts for XDR found a shadow IT detection on the first day of service,\u201d said Mike Johnson, Global Cyber Threat and Incident Response Security Operations Center Manager at Verifone. \u201cI was impressed that they found a real issue for us so fast\u2014none of our other tools alerted us about it.\u201d<\/p>\n<p>Defender Experts for XDR also provides recommendations on how your team can be proactive to prevent the next attack and reduce the number of incidents over time to improve your security posture. \u201cOrganizations who need to augment their SOC with 24\/7 coverage and immediate access to expertise that will help them quickly triage, investigate, and respond to incidents should explore a managed XDR service,\u201d said Craig Robinson, Vice President of Security Services at IDC Research. 
\u201cMicrosoft\u2019s new MXDR service positions them to support the needs of organizations facing talent shortages who need to scale their security programs quickly, address coverage gaps, and protect their environment.\u201d<\/p>\n<h2 class=\"wp-block-heading\">Learn more about Microsoft Defender Experts for XDR<\/h2>\n<p>Defender Experts for XDR can quickly deliver expertise to your security teams, help address coverage gaps, and add capabilities like proactive threat hunting to augment your overall security operations. Our customers and partners have been instrumental in the development of Defender Experts for XDR and your continued trust in us drives our team to listen, learn, and adapt to meet your evolving needs. We\u2019re excited about the road ahead and look forward to being a part of your security journey and building a safer world for everyone.<\/p>\n<p>To learn more about the service, visit the <a href=\"https:\/\/www.microsoft.com\/security\/business\/services\/microsoft-defender-experts-xdr\">Microsoft Defender Experts for XDR<\/a> web page, read the <a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365\/security\/defender\/dex-xdr-overview?view=o365-worldwide\" target=\"_blank\" rel=\"noreferrer noopener\">Defender Experts for XDR<\/a> docs page, <a href=\"https:\/\/query.prod.cms.rt.microsoft.com\/cms\/api\/am\/binary\/RW14LHP?culture=en-us&amp;country=us\" target=\"_blank\" rel=\"noreferrer noopener\">download the datasheet<\/a>, or watch a <a href=\"https:\/\/aka.ms\/DefenderExpertsforXDRVideo\" target=\"_blank\" rel=\"noreferrer noopener\">short video<\/a>.<\/p>\n<p>To learn more about Microsoft Security solutions, visit our&nbsp;<a href=\"https:\/\/www.microsoft.com\/en-us\/security\/business\" target=\"_blank\" rel=\"noreferrer noopener\">website<\/a>.&nbsp;Bookmark the&nbsp;<a href=\"https:\/\/www.microsoft.com\/security\/blog\/\" target=\"_blank\" rel=\"noreferrer noopener\">Security blog<\/a>&nbsp;to keep up with our expert 
coverage on security matters. Also, follow us on LinkedIn (<a href=\"https:\/\/www.linkedin.com\/showcase\/microsoft-security\/\" target=\"_blank\" rel=\"noreferrer noopener\">Microsoft Security<\/a>) and Twitter (<a href=\"https:\/\/twitter.com\/@MSFTSecurity\" target=\"_blank\" rel=\"noreferrer noopener\">@MSFTSecurity<\/a>)&nbsp;for the latest news and updates on cybersecurity.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<p><sup>1<\/sup><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/05\/09\/building-a-safer-world-together-with-our-partners-introducing-microsoft-security-experts\/\">Building a safer world together with our partners\u2014introducing Microsoft Security Experts<\/a>, Vasu Jakkal. May 9, 2022.<\/p>\n<p><sup>2<\/sup><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/08\/03\/microsoft-defender-experts-for-hunting-proactively-hunts-threats\/\">Microsoft Defender Experts for Hunting proactively hunts threats<\/a>, Microsoft Security Experts. August 3, 2022. <\/p>\n<p><sup>3<\/sup><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/11\/09\/microsoft-defender-experts-for-hunting-demonstrates-industry-leading-protection-in-the-2022-mitre-engenuity-attck-evaluations-for-managed-services\/\">Microsoft Defender Experts for Hunting demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&amp;CK\u00ae Evaluations for Managed Services<\/a>, Ryan Kivett. November 9, 2022.<\/p>\n<p><sup>4<\/sup><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/07\/10\/meet-unprecedented-security-challenges-by-leveraging-mxdr-services\/\">Meet unprecedented security challenges by leveraging MXDR services<\/a>, Microsoft Security Experts. July 10, 2023.<\/p>\n<p><sup>5<\/sup>Forrester Research, Inc., The Forrester New Wave\u2122: Extended Detection And Response (XDR) Providers, Q4 2021, Allie Mellen, Joseph Blankenship, Alexis Tatro, Peggy Dostie. 
October 13, 2021.<\/p>\n<p><sup>6<\/sup><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/03\/02\/microsoft-is-named-a-leader-in-the-2022-gartner-magic-quadrant-for-endpoint-protection-platforms\/\">Microsoft is named a Leader in the 2022 Gartner\u00ae Magic Quadrant\u2122 for Endpoint Protection Platforms<\/a>, Rob Lefferts. March 2, 2023.<\/p>\n<p><sup>7<\/sup><a href=\"https:\/\/www.idc.com\/getdoc.jsp?containerId=US50206623\">Applying the Lessons Learned from 2022 Is Vital for Security Service Providers to Secure Growth in 2023<\/a>, Doc #US50206623, IDC. February 2023.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/07\/24\/microsoft-defender-experts-for-xdr-helps-triage-investigate-and-respond-to-cyberthreats\/\">Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n<p><a href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/07\/24\/microsoft-defender-experts-for-xdr-helps-triage-investigate-and-respond-to-cyberthreats\/\" target=\"bwo\" >https:\/\/blogs.technet.microsoft.com\/mmpc\/feed\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: Microsoft Security Experts| Date: Mon, 24 Jul 2023 16:00:00 +0000<\/strong><\/p>\n<p>Take a closer look at how Microsoft Defender Experts for XDR works, and how it complements the power of the Microsoft 365 Defender suite. 
<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2023\/07\/24\/microsoft-defender-experts-for-xdr-helps-triage-investigate-and-respond-to-cyberthreats\/\">Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\">Microsoft Security Blog<\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10759,10378],"tags":[],"class_list":["post-22533","post","type-post","status-publish","format-standard","hentry","category-microsoft","category-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22533","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=22533"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/22533\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=22533"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=22533"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=22533"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}