With persistent cyber threats and Executive Order 14028 requirements announced in May 2021, there is significant pressure for government agencies to improve their security posture as well as proactively prevent and respond to attacks. Microsoft 365 Defender leverages the Microsoft 365 security portfolio to detect and help stop attacks anywhere in the kill chain. We are happy to announce that Microsoft 365 Defender is now available to GCC, GCC High and DoD customers. Microsoft 365 Defender can help government customers optimize their security by:
- Automatically preventing threats from accessing your organization and helping to stop attacks before they happen,
- Reducing confusion, clutter and alert fatigue with a single dashboard to view prioritized incidents and one place to investigate and respond to incidents holistically,
- Returning affected assets to a safe state in the broader context of an incident and automatically remediate seemingly isolated attacks.
What is Microsoft 365 Defender?
Microsoft 365 Defender provides XDR capabilities across Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Identity and Microsoft Defender for Cloud Apps in GCC, GCC High and DoD environments. Microsoft 365 Defender helps determine the full scope and impact of a threat by stitching together the threat signal received from each of these products. Microsoft 365 Defender can help identify initial threat entry, the scope of the issue, and how it’s currently impacting the organization. It also can take automatic action to prevent or stop the attack and self-heal affected mailboxes, endpoints, and user identities.
Microsoft 365 Defender services protect:
- Endpoints with Defender for Endpoint - Defender for Endpoint is a unified endpoint platform for preventative protection, post-breach detection, automated investigation, and response.
- Email and collaboration with Defender for Office 365 - Defender for Office 365 safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools.
- Identities with Defender for Identity and Azure Active Directory (Azure AD) Identity Protection - Defender for Identity uses your on-premises Active Directory Domain Services (AD DS) signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization. Azure AD Identity Protection automates the detection and remediation of identity-based risks in your cloud-based Azure AD.
- Applications with Microsoft Defender for Cloud Apps - Microsoft Defender for Cloud Apps is a comprehensive cross-SaaS solution bringing deep visibility, strong data controls, and enhanced threat protection to your cloud apps.
Get started today
Microsoft 365 Defender for US government customers is built in the Azure US Government environment and uses the same underlying technologies as Microsoft 365 Defender in Azure Commercial. This offering is available to GCC, GCC High, and DoD customers and is based on the same prevention, detection, investigation, and remediation as the commercial version. However, there are some differences in the availability of capabilities for this offering. Learn more about licensing requirements and feature parity with commercial version at Microsoft 365 Defender for US Government customers | Microsoft Docs.
The release of Microsoft 365 Defender corresponds with the Microsoft Security Center portal URL redirection to the new unified experience as follows:
Check out these resources to learn more about Microsoft 365 Defender:
APPENDIX:
As a specialist for Microsoft 365 security, compliance and identity solutions within our government-focused environments, you can connect with me here. Check out other Microsoft 365 compliance resources for US government below and use the Microsoft 365 Roadmap to track status of upcoming Microsoft 365 compliance features in GCC, GCC High and DoD environments.
