Microsoft 365 Defender
Microsoft 365 E5 benefit with Azure Sentinel
Microsoft 365 Defender capabilities
Prevent cross-domain attacks and persistence
Automatically prevent threats from accessing your organization and stop attacks before they happen. Understand attacks and context across domains to eliminate lie-in-wait and persistent threats and protect against current and future breaches—all with help from Microsoft 365 Defender.
Reduce signal noise
View prioritized incidents in a single dashboard to reduce confusion, clutter, and alert fatigue. Use the automated investigation capabilities of Microsoft 365 Defender to spend less time on detection and response so you can focus on triaging critical alerts and responding to threats.
Auto-heal affected assets
Take care of routine and complex remediation with Microsoft 365 Defender. Detection, investigation, and response occur automatically at the domain level within each Microsoft 365 security product. Return affected assets to a safe state in the broader context of an incident and automatically remediate seemingly isolated attacks across the portfolio.
Hunt threats across domains
Search across all your Microsoft 365 data with Microsoft 365 Defender. Leverage your organizational knowledge with custom queries. Protect your organization against internal threats and develop custom detection and response tools for long-term protection and an improved Secure Score.
Industry recognition
Forrester EDR Wave
Forrester names Microsoft a leader in The Forrester Wave™: Enterprise Detection And Response, Q1 2020.
Gartner Magic Quadrant for Endpoint Protection Platforms
Microsoft named a Leader in the 2019 Gartner Magic Quadrant for Endpoint Protection Platforms.
Leader in MITRE ATT&CK
Microsoft 365 Defender leads in real-world detection in MITRE ATT&CK evaluation.
Gartner Magic Quadrant for Cloud Access Security Broker
Microsoft named a Leader in the 2020 Magic Quadrant for Cloud Access Security Broker.