Microsoft continues to sharpen and simplify its cybersecurity product and service branding. Indeed, the latest Microsoft Defender branding organizes services into two groups -- the first essentially defends SaaS services, while the second essentially defends IaaS and PaaS services.
According to a simplified chart published by ZDnet:
A. The Microsoft 365 Defender line will include:
- Microsoft 365 Defender (previously Microsoft Threat Protection)
- Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection)
- Microsoft Defender for Office 365 (previously Office 365 Advanced Threat Protection)
- Microsoft Defender for Identity (previously Azure Advanced Threat Protection)
B. The Azure Defender line will include:
- Azure Defender for Servers (previously Azure Security Center Standard Edition)
- Azure Defender for IoT (previously Azure Security Center for IoT)
- Azure Defender for SQL (previously Advanced Threat Protection for SQL)
Microsoft Azure Defender for IoT: Service Details, Integrations
Microsoft also provided an update on Azure Defender for IoT, which leverages technology from the recent CyberX acquisition. Among the key details to note, the service:
- delivers agentless security for continuously monitoring Operational Technology (OT) devices in industrial and critical infrastructure networks;
- is available for on-premises deployments during Public Preview, with Azure-based deployment options to follow;
- is also integrated with Azure Sentinel — a cloud-native SIEM/SOAR platform; and
- integrates with third-party tools like Splunk, IBM QRadar, and ServiceNow.
Azure Sentinel, by the way, is expected to increasingly compete against Google Chronicle.
