Microsoft 365 Defender

Your complete pre- and post-breach defense suite that shields your organization against threats and attacks across identities, endpoints, data, apps, email, and collaboration tools. With its automated, cross-domain threat protection and built-in AI, Microsoft 365 Defender empowers your organization by combatting the security challenges of today’s era of intelligence.

Exchange Online

Your hosted cloud-based messaging solution that delivers email, calendar, contacts, and tasks from PCs, the web, and mobile devices.

With Exchange Online, emails are hosted on Microsoft’s popular Exchange Server, which enables multi-device synchronization, ensuring you always have access to your emails, calendar, and contacts from anywhere.

Products & Features in Microsoft 365 Defender

Defender for Endpoint

A unified endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats on Windows and non-Windows platforms including macOS, Linux, Android, and iOS.

This built-in capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.

A set of capabilities that provide the first line of defense in the stack that resists attacks and exploitation.

To further reinforce the security perimeter of your network, Microsoft Defender for Endpoint uses next-generation protection designed to catch all types of emerging threats.

Detect, investigate, and respond to advanced threats that may have made it past the first two security pillars using advanced hunting.

Automatic investigation and remediation capabilities help reduce the volume of alerts in minutes at scale.

A managed threat hunting service that identifies and responds to threats quickly and accurately.

Defender for Business

An endpoint security solution designed especially for small and medium-sized businesses (up to 300 employees). Defender for Business offers the same powerful capabilities as Defender for Endpoint except for Microsoft threat experts, advanced hunting, and incident investigation capabilities.

Defender for Identity

A cloud-based security solution that shields your on-premises Active Directory. It identifies, detects, and investigates advanced threats, compromised identities, and malicious insider actions directed at your organization. By monitoring and analyzing your users’ behavior and activities, Defender for Identity helps you prevent identity attacks.

Defender for Identity identifies anomalies with adaptive built-in intelligence. This gives you insights into suspicious activities and events, revealing the advanced threats, compromised users, and insider threats facing your organization.

Through security reports and user profile analytics, Defender for Identity provides you with invaluable insights on identity configurations and suggested security best practices. It also helps dramatically reduce your organizational attack surface, making it harder to compromise user credentials and advance an attack.

Defender for Identity identifies advanced threats at the source throughout the entire cyber-attack kill chain.

Defender for Identity is designed to reduce general alert noise, providing only relevant, important security alerts in a simple, real-time organizational attack timeline.

Defender for Cloud Apps

A cloud access security broker (CASB) solution that operates on multiple clouds. It provides multifunction visibility, control over data travel, and sophisticated analytics to identify and combat cyber threats across all your Microsoft and third-party cloud services and apps.

It uses your traffic logs to dynamically discover and analyze the cloud apps that your organization is using.

You can use Defender for Cloud Apps to sanction (approve) or unsanction (block) apps in your organization by using the cloud app catalog. You can use the extensive and continuously growing catalog of over 31,000 cloud apps to rate the risk for your cloud apps based on regulatory certifications, industry standards, and best practices.

By using APIs from cloud app providers to integrate the Defender for Cloud Apps cloud with other cloud apps, App connectors extend control and protection. They also give you access to information directly from cloud apps, for Defender for Cloud Apps analysis.

Microsoft Defender for Cloud Apps Conditional Access App Control uses a reverse proxy architecture to give you the tools you need to have real-time visibility and control over access to and activities performed within your cloud environment.

You can use policies to define your users’ behavior in the cloud and detect risky behavior, violations, or suspicious data points and activities in your cloud environment.

Defender for Office 365

A cloud-based email filtering service that protects your organization against advanced threats to email and collaboration tools, like phishing, business email compromise, and malware attacks. It also provides investigation, hunting, and remediation capabilities to help security teams efficiently identify, prioritize, investigate, and respond to threats.

Protects against unknown malware and viruses and provides zero-day protection to safeguard your messaging system.

Protects your users from malicious URLs in a message or in an Office document.

Helps detect and block files that are identified as malicious in team sites, document libraries, and Microsoft Teams channels and chats.

Checks incoming messages for indicators that a message might be a phishing attempt.

Smart reports and insights which also include recommendations and links to view and explore data and take quick actions.

Run automated investigation processes in response to well-known threats that exist today.

Helps customers detect, prioritize, and remediate phishing risks by using real world phish lures and hyper-targeted training to change employee behaviors.

Defender Vulnerability Management

A security solution that uses AI to detect, analyze, prioritize, and fix vulnerabilities in Windows, macOS, Linux, Android, iOS, and network devices. It provides a centralized dashboard and automated patch management capabilities that make tracking and managing known vulnerabilities easier.

Built-in and agentless scanners continuously monitor and detect risk in your organization even when devices aren’t connected to the corporate network.

Defender Vulnerability Management leverages Microsoft’s threat intelligence, breach likelihood predictions, business contexts, and device assessments to quickly prioritize the biggest vulnerabilities in your organization.

Enable security administrators and IT administrators to collaborate and seamlessly remediate issues with built-in workflows.

How to Get Microsoft 365 Defender Products

Option 1

Get the app(s) you want as a standalone subscription
Defender for Endpoint (P1 & P2)
Defender for Business
Defender for Identity
Defender for Cloud Apps
Defender for Office 365 (P1 & P2)
Defender Vulnerability Management

Option 2

Defender for Endpoint
Included in:
Microsoft 365 E3 (Defender for Endpoint Plan 1)
Microsoft 365 E5 (Defender for Endpoint Plan 2)
Defender for Business
Included in:
Microsoft 365 Business Premium
Defender for Identity
Included in:
EMS E5
Microsoft 365 E5
Defender for Cloud Apps
Included in:
EMS E5
Microsoft 365 E5
Defender for Office 365
Included in:
Microsoft 365 Business Premium (Defender for Office 365 Plan 1)
Office 365 E5 (Defender for Office 365 Plan 1 and 2)
Microsoft 365 E5 (Defender for Office 365 Plan 1 and 2)
Defender Vulnerability Management
Included in:
Office 365 E5
Microsoft 365 E5