At Ignite 2018, Microsoft reasserted its focus on cybersecurity across three key themes: security operations that work for you, enterprise-class technology, and driving partnerships for a heterogenous world. Microsoft Threat Protection is built with these foundational elements, offering SecOps capabilities designed for securing today’s enterprise, with several services in the overall solution leveraging partners to ensure extended coverage for our customers. Microsoft Threat Protection is also designed to address the most common security challenges our customers tell us they face (figure 1).
Figure 1. Our customer’s security challenges.
Our customers have told us they worry about the growing volume and sophistication of the threat landscape, the expanding attack surface, and the difficulty of making intelligent decisions quickly and cost-effectively. These customer concerns led to the development of Microsoft Threat Protection and the services of this broad solution are designed to work collectively to help solve our customer’s pain points. Microsoft Threat Protection helps secure the modern workplace across its entire attack surface, securing identities, endpoints, cloud apps, and infrastructure.
Figure 2. The end to end Microsoft Threat Protection solution, securing identities, endpoints, user data, cloud apps, and infrastructure.
As figure 2 highlights, Microsoft Threat Protection is enriched by 6.5 trillion daily signals harnessed from the Microsoft Intelligent Security Graph (figure 3). The Intelligent Security Graph serves as the foundation for all of Microsoft’s security solutions, obtaining threat signal from Microsoft’s services, expansive user base, and global footprint. The Intelligence Security Graph blends threat signal with powerful machine learning capabilities, threat analysis from our 3500+ in-house security specialists, and support from over $1 billion in annual cybersecurity investments. The Intelligent Security Graph helps remove the noise from the threat landscape, providing intelligent solutions to mitigate today’s attack campaigns, from generic high volume threats, to more sophisticated and targeted attacks. It is the powerful differentiator which elevates Microsoft’s security solutions to the forefront of the security industry, enabling seamless integration and signal sharing, bringing together a disparate set of services into a cohesive, end to end solution securing the modern workplace.
Figure 3. Breadth and depth of signal sources for the Microsoft Intelligent Security Graph
The services in Microsoft Threat Protection
Since today’s enterprise has an extensive attack surface, attacks can come from anywhere. As such, no one service can secure the entire modern workplace. Groups of services must work in tandem to secure the different attack vectors to help ensure an enterprise’s is secured across the entire attack surface. Figure 4 summarizes the full set of services which are part of Microsoft Threat Protection. As we demonstrated, different groups of solutions help secure a different attack vector:
Customers who leverage all the services in Microsoft Threat Protection will enjoy a fully integrated, end-to-end solution, securing their enterprise, across the entire attack surface. In fact, the integration is not limited to the technological back end. Microsoft Threat Protection policies and information can be accessed from the Microsoft Security Center which surfaces signal from all the different services in one single, unified, console (figure 5), providing both visibility and control over the entire enterprise environment. This portal not only provides alerts and monitoring of threats impacting the organization, but also offers the ability to make real-time policy changes to help ensure the organization’s security evolves to stay ahead of the changing threats.
Figure 5. The Microsoft Security Center
As the graphs in figure 5 show, the Microsoft Threat Protection solution goes far beyond protection. It has a rich set of detection, response and remediation, and education and training capabilities. From our extensive work with customers across the globe, we understand that protection is only one part of security. Thus, the most effective and robust solutions must also allow for quick detection, rapid response, and full remediation of threats. Microsoft Threat Protection even offers the ability to simulate threat campaigns, enabling customers to educate their end users on how to react in the event of an attack (figure 6).
Figure 6. Microsoft Threat Protection is designed to protect, detect, and respond to threats but goes even further by helping educate customers and end users on modern threats
Learn more about Microsoft Threat Protection by watching our recent Ignite session. Also, make sure you check out the Microsoft Threat Protection page to learn more about the different services that are part of the solution and how it can help secure your modern workplace.