Introducing the integrated Microsoft Threat Protection solution

What’s up gang.. Jose here with some news from Microsoft:

Every day, attackers compromise endpoints, identities, and email to infiltrate and quickly expand their foothold in an organization. Customers need protection across these attack vectors to defend against evolving threats. Microsoft Threat Protection is an integrated solution that’s built on our best-in-class Microsoft 365 security suite: Microsoft Defender Advanced Threat Protection (ATP) for endpoints, Office 365 ATP for email and collaboration tools, Azure ATP for identity-based threats, and Microsoft Cloud App Security (MCAS) for SaaS applications.  

Move from alerts to incidents

We are introducing the concept of “incidents,” previously available only for endpoints. These incidents correlate alerts across threat vectors to determine the full scope of the threat across Microsoft 365 products.

Interesting to see Microsoft move to a more “Automated Threat Response”. It appears that they want to enable more and more organizations, who may not have a cyber security team, to off load some of this investigative work to their Azure customers. The solution is still in “public preview” as of 12/11/2019.

Read more here: http://aka.ms/EnableMTP 

https://techcommunity.microsoft.com/t5/Security-Privacy-and-Compliance/Introducing-the-integrated-Microsoft-Threat-Protection-solution/ba-p/1059225