Microsoft Security Blog: Elevate your protection with expanded Microsoft Defender Experts coverage

Source URL: https://techcommunity.microsoft.com/blog/microsoftsecurityexperts/elevate-your-protection-with-expanded-microsoft-defender-experts-coverage/4439134
Source: Microsoft Security Blog

Feedly Summary: Defender Experts now offers 24/7, expert-driven protection for cloud workloads, beginning with hybrid and multicloud servers in Microsoft Defender for Cloud. Additionally, third-party network signals can be used in Microsoft Defender Experts for XDR to enhance incidents for faster and more accurate detection and response.

**Summary:** The text discusses the launch of enhanced services by Microsoft Defender Experts, which provide 24/7 managed protection for cloud workloads, including hybrid and multicloud environments. This offering is designed to address the increasing complexity of security threats driven by AI, and to support organizations in bolstering their security operations centers (SOCs). It emphasizes the integration of third-party network signals for improved incident detection and response.

**Detailed Description:**

The text outlines significant advancements in Microsoft Defender Experts services, aimed at enhancing security for cloud workloads amid a growing threat landscape. Below are the key points and their implications for security and compliance professionals:

– **24/7 Expert Protection**: Microsoft Defender Experts now provides round-the-clock managed extended detection and response (MXDR) for cloud workloads. This extension matters because organizations increasingly rely on cloud environments for critical operations and, consequently, face heightened security risks.

– **Integration of Third-Party Network Signals**:
  – The service can now incorporate network signals from trusted third-party providers (e.g., Palo Alto Networks, Zscaler, Fortinet) to enrich incident investigations. This integration gives security teams a comprehensive understanding of incidents and improves the accuracy of threat detection.
  – Enrichment helps identify patterns of attack, particularly for complex threats such as lateral movement and data exfiltration attempts, which is essential for proactive threat hunting.

– **Rising Cloud Security Incidents**: Statistics from IDC indicate that in 2024, organizations will face an average of more than nine cloud security incidents, highlighting the urgency for improved security measures amid escalating threats.

– **Skills Gap**: The announcement acknowledges a significant skills gap within cloud security, with 40% of security professionals identifying it as a top area requiring skilled expertise. This reinforces the need for managed services like Defender Experts that can supplement internal teams.

– **Flexible Pricing Model**: Details are provided regarding a cost-effective pricing approach for Defender Experts coverage based on server use, making it adaptable for businesses as they scale their cloud infrastructure.

– **Incident Scenario**: The text describes a hypothetical incident illustrating the proactive capabilities of the Defender Experts team in identifying and responding to credential compromise through the use of enriched data. This case showcases the importance of correlating multi-source data for effective incident response.

– **Availability and Requirements**: The text concludes with the prerequisites for enabling Defender Experts coverage, telling organizations interested in this enhanced service what they need in order to implement it.

Overall, the enhancements brought by Microsoft Defender Experts address critical challenges in security management for cloud environments, making it a significant announcement for IT security professionals looking to optimize their defenses against evolving threats. The integration of advanced analytics from third-party sources represents a noteworthy evolution in threat detection and response, which could significantly improve organizational resilience amidst rising cyber threats.