Announcing Microsoft Threat ProtectionSeptember 26, 2018
At Ignite 2018, Microsoft reasserted its focus on cybersecurity across three key themes: security operations that work for you, enterprise-class technology, and driving partnerships for a heterogenous world. Microsoft Threat Protection is built with these foundational elements, offering SecOps capabilities designed for securing today’s enterprise, with several services in the overall solution leveraging partners to ensure extended coverage for our customers. Microsoft Threat Protection is also designed to address the most common security challenges our customers tell us they face (figure 1).
Our customers have told us they worry about the growing volume and sophistication of the threat landscape, the expanding attack surface, and the difficulty of making intelligent decisions quickly and cost-effectively. These customer concerns led to the development of Microsoft Threat Protection and the services of this broad solution are designed to work collectively to help solve our customer’s pain points. Microsoft Threat Protection helps secure the modern workplace across its entire attack surface, securing identities, endpoints, , cloud apps, and infrastructure.
As figure 2 highlights, Microsoft Threat Protection is enriched by 6.5 trillion daily signals harnessed from the Microsoft Intelligent Security Graph (figure 3). The Intelligent Security Graph serves as the foundation for all of Microsoft’s security solutions, obtaining threat signal from Microsoft’s services, expansive user base, and global footprint. The Intelligence Security Graph blends threat signa with powerful machine learning capabilities, threat analysis from our 3500+ in-house security specialists, and support from over $1 billion in annual cybersecurity investments. The Intelligent Security Graph helps remove the noise from the threat landscape, providing intelligent solutions to mitigate today’s attack campaigns, from generic high volume threats, to more sophisticated and targeted attacks. It is the powerful differentiator which elevates Microsoft’s security solutions to the forefront of the security industry, enabling seamless integration and signal sharing, bringing together a disparate set of services into a cohesive, end to end solution securing the modern workplace.
The services in Microsoft Threat Protection
Since today’s enterprise has an extensive attack surface, attacks can come from anywhere. As such, no one service can secure the entire modern workplace. Groups of services must work in tandem to secure the different attack vectors to help ensure an enterprise’s is secured across the entire attack surface. Figure 4 summarizes the full set of services which are part of Microsoft Threat Protection. As we demonstrated, different groups of solutions help secure a different attack vector:
- Identities: Azure Active Directory Information Protection, Azure Advanced Threat Protection, Microsoft Cloud App Security
- Endpoints: Windows Defender Advanced Threat Protection, Windows 10, Microsoft Intune
- User Data: Exchange Online Protection, Office 365 Advanced Threat Protection, Office 365 Threat Intelligence, Windows Defender Advanced Threat Protection, Microsoft Cloud App Security
- Cloud Apps: Exchange Online Protection, Office 365 Advanced Threat Protection, Microsoft Cloud App Security
Customers who leverage all the services in Microsoft Threat Protection will enjoy a fully integrated, end-to-end solution, securing their enterprise, across the entire attack surface. In fact, the integration is not limited to the technological back end. The Microsoft Threat Protection solution can be accessed from the which surfaces signal from all the different services in one single, unified, console (figure 5), providing both visibility and control over the entire enterprise environment. This portal not only provides alerts and monitoring of threats impacting the organization, but also offers the ability to make real-time policy changes to help ensure the organization’s security evolves to stay ahead of the changing threats.
As the graphs in figure 5 show, the Microsoft Threat Protection service goes far beyond protection. The service has a rich set of detection, response and remediation, and education and training capabilities. From our extensive work with customers across the globe, we understand that protection is only one part of security. , thus, the most effective and robust solutions must also allow for quick detection, rapid response, and full remediation of threats. Microsoft Threat Protection goes beyond protect, detect, and respond, even offering the ability to simulate threat campaigns, enabling customers to educate their end users on how to react in the event of an attack (figure 6).
Learn more about Microsoft Threat Protection by watching our recent Ignite session. Also, make sure you check out the Microsoft Threat Protection page to learn more about the different services that are part of the solution and how it can help secure your modern workplace.