cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Unified experiences across endpoint and email are now generally available in Microsoft 365 Defender
By
Amir_Lande
Published Apr 19 2021 09:51 AM 31.9K Views
Amir_Lande
Microsoft
‎Apr 19 2021 09:51 AM

Unified experiences across endpoint and email are now generally available in Microsoft 365 Defender

‎Apr 19 2021 09:51 AM

We’re excited to announce that we have reached a new milestone in our XDR journey: the integration of our endpoint and email and collaboration capabilities into Microsoft 365 Defender is now generally available. Security teams can manage all endpoint, email, and cross-product investigations, configuration, and remediation within a single unified portal.

 

Register for the Microsoft 365 Defender’s Unified Experience for XDR webinar to learn how your security teams can leverage the unified portal and check out our video to learn more about these new capabilities.

 

This release delivers the rich set of capabilities we announced in public preview, including unified pages for alerts, users, and automated investigations, a new email entity page offering a 360-degree view of an email, threat analytics, a brand-new Learning hub, and more – all available exclusively in the Microsoft 365 Defender portal at security.microsoft.com.

 

Now is the time to start moving your users to the unified experience using the automatic URL redirection for Microsoft Defender for Endpoint and automatic URL redirection for Microsoft Defender for Office 365 as the previously distinct portals will eventually be phased out.

 

Amir_Lande_0-1618850969300.png

Figure 1: Endpoint features integrated into Microsoft 365 Defender.  

 

 Amir_Lande_1-1618850969316.png

Figure 2: Email and collaboration features integrated into Microsoft 365 Defender. 

 

We’re excited to be bringing these additional capabilities into Microsoft 365 Defender and look forward to hearing about your experiences and your feedback as you explore and transition to the unified portal.

 

To read more about the unified portal experience, check out: 

15 Comments
Jonas Back
Steel Contributor
‎Apr 19 2021 01:49 PM
‎Apr 19 2021 01:49 PM

@Amir_Lande Great that the unified admin experience is moving forward. We still see MCAS offering some exclusive features. What is the longterm plan for that admin portal, is that also moving into https://security.microsoft.com?

0 Likes
Like
Omri Amdursky
Microsoft
‎Apr 20 2021 01:50 AM
‎Apr 20 2021 01:50 AM

@Jonas Back, yes. MCAS will be integrated as a coherent part of M365D under security.microsoft.com.

0 Likes
Like
gregoval
Copper Contributor
‎Apr 20 2021 07:30 AM
‎Apr 20 2021 07:30 AM

The integration is absolutely great. One question, in case of Multi tenancy when trying to open different Defender 365 consoles (using ?tid in the URL) in different tabs in the same web browser, we have still access only ton one tenant. Every time it needs to open a different Browser in incognito mode in order to view multiple Tenant's consoles simultaneously. In prior consoles (Microsoft Defender for Endpoint - securitycenter.microsoft.com) we had no issues accessing multiple tenants within the same browser.

 

Regards,

Greg

0 Likes
Like
shark_it
Copper Contributor
‎Apr 20 2021 08:06 AM
‎Apr 20 2021 08:06 AM

Do you have any plan to default-enable or enforce redirecting from formerly Defender for Endpoint Console or Defender for Office 365?

0 Likes
Like
Amir_Lande
Microsoft
‎Apr 21 2021 03:48 AM
‎Apr 21 2021 03:48 AM

@gregoval We are working on a solution to support accessing multiple tenant portals in adjacent browser tabs

0 Likes
Like
Amir_Lande
Microsoft
‎Apr 21 2021 06:49 AM
‎Apr 21 2021 06:49 AM

@shark_it Yes, redirection from the standalone portal for Defender for Endpoint (securitycenter.windows.com) and the standalone portal for Defender for Office 365 (protection.office.com) to their new home at security.microsoft.com will be the default behavior soon. At first, users will have the option to switch back to the standalone portals if necessary. We will share the exact timelines in the next couple of weeks.

Jonas Back
Steel Contributor
‎Apr 21 2021 11:13 PM
‎Apr 21 2021 11:13 PM

@Amir_Lande I manage many customers and noticed that some customers, some with M365 E3 and some with M365 E5. I see an example where an M365 E3 customer without Defender for Office 365 has the following in Incidents & Alerts:

security1.png

 

While an M365 E5 with Defender for Office 365 Plan 2 has:

security2.png

 

That is, they're missing the Email & collaboration alerts. By design? Or maybe the two tenants are simply on different release versions of the new portal and it will eventually turn up in the other tenant too?

0 Likes
Like
Amir_Lande
Microsoft
‎Apr 22 2021 12:31 AM
‎Apr 22 2021 12:31 AM

@Jonas Back This is indeed by design. For the tenant with M365 E5 - you should be able to see all the alerts from across the available Microsoft 365 security products (including the Defender for Office 365 alerts) in a single, unified alerts queue (the 'Alerts' entry in the navigation bar).

0 Likes
Like
Jonas Back
Steel Contributor
‎Jun 08 2021 01:21 AM
‎Jun 08 2021 01:21 AM

@Amir_Lande In the old protection.office.com we had Alerts > Alert Policies where you could create your own and Microsoft provided us with some default built-in alert policies. I can't seem to find these in the new security.microsoft.com. What is the plan for those? 

 

alerts.png

 

I do see security.microsoft.com > Alerts > Manage alerts but it's greyed out. I've checked three different tenants and I'm Global Admin in all of them.

Alerts_greyed.png

 
0 Likes
Like
Amir_Lande
Microsoft
‎Jun 08 2021 01:58 AM
‎Jun 08 2021 01:58 AM

@Jonas Back you can find the (Defender for Office 365) alert policies here:

Amir_Lande_0-1623142707054.png

 

0 Likes
Like
Jonas Back
Steel Contributor
‎Jun 08 2021 06:05 AM
‎Jun 08 2021 06:05 AM

@Amir_Lande Thanks for clarifying this - I totally missed that.

0 Likes
Like
martinrojahn
Copper Contributor
‎Mar 10 2022 06:18 AM
‎Mar 10 2022 06:18 AM

Hi @Amir_Lande
Any update on making the new Microsoft 365 Defender portal working for multitenancy? This is a breaking change for CSPs & MSSPs.  

0 Likes
Like
VNJoe
Iron Contributor
‎Jul 29 2022 04:42 PM
‎Jul 29 2022 04:42 PM

16 months, still no multitenancy.

0 Likes
Like
martinrojahn
Copper Contributor
‎Aug 05 2022 02:01 AM
‎Aug 05 2022 02:01 AM

@Amir_Lande any updates on this? 

0 Likes
Like
John_Cabral
Copper Contributor
‎Apr 16 2024 05:17 AM
‎Apr 16 2024 05:17 AM

This is an amazing feature making it easier to identify the type and kind of threat and the path the threat is taking by quickly identifying the user and its activity.

0 Likes
Like
Co-Authors
Version history
Last update:
‎Apr 19 2021 09:51 AM
Updated by: