{"id":23206,"date":"2023-10-30T08:38:22","date_gmt":"2023-10-30T16:38:22","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2023\/10\/30\/news-16936\/"},"modified":"2023-10-30T08:38:22","modified_gmt":"2023-10-30T16:38:22","slug":"news-16936","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2023\/10\/30\/news-16936\/","title":{"rendered":"Forrester names Microsoft a Leader in the 2023 Endpoint Security Wave\u2122 report"},"content":{"rendered":"

Credit to Author: Rob Lefferts| Date: Mon, 23 Oct 2023 16:00:00 +0000<\/strong><\/p>\n

We are excited to share that Microsoft has been named a Leader in The Forrester Wave\u2122: Endpoint Security, Q4 2023<\/a>. Microsoft received the highest possible scores in the strategy category for the vision and roadmap criteria. Forrester notes, \u201cMicrosoft\u2019s outstanding roadmap for endpoint security includes expanding [Microsoft Defender for Endpoint<\/a>] functionality to operational technology (OT) and Internet of Things (IOT) devices and continuing its strategy of building an extensive partner community.\u201d <\/p>\n

In the current offering category, Microsoft achieved the highest possible scores in the threat intelligence, suite automation, endpoint, including performance impact, runtime behavior detection and response protection, network cyberthreat detection, mobile device security, behavioral analysis capabilities, and vulnerability patching remediation criteria. Forrester also noted, \u201cBeing natively integrated into Windows minimizes the agent performance overhead\u2026the Defender agent performs well on other operating systems (OS), and the agent\u2019s runtime behavior protection functions integrate into conditional access methods that can provide device trust.\u201d<\/p>\n

\n
\n
\n
\n
\n

Microsoft Defender for Endpoint<\/h2>\n
\n

Discover and secure endpoint devices across your multiplatform enterprise.<\/p>\n<\/p><\/div>\n

\t\t\t\t\t\t\t \t\t\t\t\t\t\t\tLearn more<\/span> \t\t\t\t\t\t\t\t<\/span> \t\t\t\t\t\t\t<\/a> \t\t\t\t\t\t<\/div>\n<\/p><\/div>\n<\/p><\/div>\n
\t\t\t\t\t\"a\t\t\t\t<\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n

AI and SOC efficiency: core to our vision and roadmap<\/h2>\n

As Vasu Jakkal, Corporate Vice President, Security, Compliance, Identity, and Management, Microsoft, states in her blog<\/a>, the global shortage of skilled security professionals and the continued, unprecedented cybersecurity threats faced by organizations have been key drivers to create and integrate new technologies to help tip the scales in favor of security teams.<\/p>\n

AI is one such technology. Bringing its breakthroughs, such as generative AI, within reach of organizations of all sizes has been core to Microsoft Defender for Endpoint\u2019s strategy. AI goes hand-in-hand with security operations center (SOC) efficiency that spans our vision of protecting every endpoint on the planet for organizations of all sizes to our roadmap of capabilities that empower security teams to outmaneuver sophisticated adversaries. Automatic attack disruption, Microsoft Security Copilot<\/a>, and native settings management are just three examples of how our vision and roadmap are already transforming the SOC in recent months.<\/p>\n

Disrupting ransomware early in the cyberattack chain with automatic attack disruption<\/h2>\n
\"Gif<\/figure>\n
\n
\n

\t\t\tWhat is ransomware?\t\t<\/p>\n

\t\t \t\t\tRead more<\/span> <\/span> \t\t<\/a> \t<\/div>\n<\/p><\/div>\n

Figure 1. How automatic attack disruption stops a ransomware attack.<\/em><\/p>\n

Security teams need every advantage in the fight against ransomware. Introduced in November 2022, Microsoft 365 Defender\u2019s unique, industry-first automatic attack disruption<\/a> stops the most sophisticated cyberattack campaigns\u2014such as ransomware, business email compromise, and attacker-in-the-middle\u2014at machine speed by leveraging multidomain signals across the extended detection and response (XDR) platform. This capability combines our industry-leading detection with AI enforcement mechanisms to block cyberthreats and limit their spread within the organization. In October 2023<\/a>, we introduced the next evolution of automatic attack disruption that stops human-operated cyberattacks earlier in the cyberattack chain in a decentralized way across devices. This industry-first, Microsoft-patented capability contains compromised users across devices just by deploying Defender for Endpoint, bringing this XDR AI-powered security within reach of even more organizations.<\/p>\n

Accelerating investigation and response with Security Copilot<\/h2>\n
\"Screenshot<\/figure>\n

Figure 2. Microsoft 365 Defender portal showing Security Copilot within advanced hunting editor.<\/em><\/p>\n

Security professionals are scarce, and we must empower them to disrupt cyberattackers\u2019 traditional advantages. With this challenge in mind, we introduced Microsoft Security Copilot in March 2023. It is the industry\u2019s first generative AI security product that allows security teams to move at machine speed. It combines OpenAI\u2019s GPT-4 generative AI model with Microsoft\u2019s security-specific model informed by our unique global threat intelligence and more than 65 trillion daily signals.1<\/sup> This month, organizations started gaining access<\/a> to Security Copilot. Embedded within Microsoft 365 Defender\u2019s existing analyst workflows, Security Copilot simplifies complex tasks with capabilities like guided response actions, and provides intuitive, actionable insight across the cyberthreat landscape such as summarized incidents in natural language.<\/p>\n

Fast-tracking setup with simplified settings management<\/h2>\n
\"Screenshot<\/figure>\n

Figure 3. Security policy interface in the Microsoft 365 Defender portal.<\/em><\/p>\n

Helping security teams move with speed and agility doesn\u2019t always require AI. Security teams can now set up and configure Defender for Endpoint so much faster with simplified security settings management<\/a>, announced in July 2023. The new streamlined approach is all contained within the unified Microsoft 365 Defender portal experience, supported across the multiplatform workloads of Windows, MacOS, and Linux. While the Microsoft Intune<\/a> portal is no longer required as part of the setup experience, Microsoft Defender for Endpoint continues to work great with Intune, sharing a single consistent source of truth for endpoint security settings.  <\/p>\n

In the coming months we look forward to introducing more AI-powered and efficiency-focused capabilities across all platforms.<\/p>\n

Industry-leading endpoint security<\/h2>\n

Microsoft Defender for Endpoint is core to Microsoft 365 Defender<\/a>, our XDR solution that spans identities, endpoints, cloud apps, email, and documents. Microsoft 365 Defender delivers intelligent, automated, and integrated security in a unified security operations experience, with detailed cyberthreat analytics and insights, unified threat hunting, and rapid detection and automation across domains\u2014detecting and stopping cyberattacks anywhere in the cyberattack chain and eliminating persistent cyberthreats.<\/p>\n

Our continued leadership in security is due in part to the close partnership we have with customers who give us continuous feedback in the product development process. We are grateful for their continued trust in us and are committed to delivering innovative security capabilities that help them secure their organizations.<\/p>\n

Our mission is to empower security teams with the best security capabilities in the industry so that you can focus on what\u2019s important: preventing and remediating cyberthreats.<\/p>\n

You can download the report<\/a> to get more details about our position as a Leader. We thank our customers and partners for being on this journey with us.<\/p>\n

Recognition across the industry<\/h2>\n

Defender for Endpoint has consistently been recognized as delivering as an industry leader across analyst and customer evaluations:<\/p>\n