Microsoft Defender Rebranding Marks New Focus on Automated XDR-SIEM Integration

  • Written by Jeffrey Schwartz
  • September 24, 2020
Microsoft is integrating its extended detection and response tools and adding updates to Azure Sentinel.

Microsoft is coalescing its extended detection and response (XDR) offerings under the Microsoft Defender brands. The move, announced at this week’s Microsoft Ignite virtual conference, aligns with the company’s new approach to advanced threat protection.

The new approach underscores Microsoft’s focus on delivering an integrated security portfolio, enabled with interfaces to partner solutions. The Microsoft Defender rebranding includes new and updated tools. It also signals that Microsoft’s endpoint detection and response (EDR) technology has evolved to XDR.

Unlike EDR, XDR provides automated and integrated security across domains, according to Rob Lefferts, corporate VP for Microsoft 365 security. XDR tools share disparate alert telemetry from various nodes, such as email or endpoints. XDR also uses artificial intelligence to automate processes, which enables more rapid detection of sophisticated threats.

Microsoft’s Rob Lefferts

“This integrates and streamlines the continuum between threat detection tools, reduces the time to respond and hardens your defenses to prevent further attacks across your end-user environments, as well as your cloud, on-prem infrastructure, including mobile devices,” Lefferts said during an Ignite presentation.

Microsoft is not the only technology provider emphasizing XDR in its security portfolios. Cisco, McAfee and Trend Micro, among others, describe XDR as the progression of EDR.

Shift from EDR to XDR

XDR has become a rising trend in IT security over the past year, says 451 Research analyst Fernando Montenegro.

“Customers are looking for a way to better integrate the different data sources they have for the purposes of doing security,” Montenegro said.

XDR allows organizations to automate the gathering of telemetry from endpoint, network, identity management and other protection tools. Once collected, the data moves into a security information and event management (SIEM) platform, which then correlates it.

451 Research’s Fernando Montenegro

“Doing the actual integration work sometimes requires more heavy lifting than customers and security professionals are able to do,” Montenegro said. “XDR provides that quick value of security integration early on in the process.”

The COVID-19 pandemic has accelerated the urgency among organizations to transform their approach to security, according to Microsoft. Research the company published last month shows organizations have experienced a spike in phishing scams since the pandemic began.

Overall, a sharp rise in threats has raised the need to automate the integration of data into a SIEM. Microsoft has detected 1 trillion security signals so far this year, up from 300 billion during 2019, Lefferts said.

“These are numbers that the human brain can’t even understand,” he said. “We process all of those signals and refine our threat intelligence further with predictive machine learning models.”

Azure Sentinel

Microsoft’s entry to the SIEM market with last year’s release of Azure Sentinel was an ambitious effort to fill out its security portfolio. More than 6,500 customers now use Azure Sentinel, according to Microsoft. In addition, managed security service providers (MSSPs) are using it to provide security operations centers (SOCs) for customers. Accenture CyberProof, Insight and Trustwave are a few.

Microsoft’s Sarah Fender

At Microsoft Ignite, the company said it is adding user and entity behavioral analytics (UEBA) to Azure Sentinel. The UEBA capabilities aim to better detect unknown threats involving anomalous user behavior. Sarah Fender, a group program manager for Azure Sentinel, described the updates during a Microsoft Ignite session.

“This helps to identify anomalies and extract behavioral insights for threat hunting and detection,” Fender said about UEBA.

Fender said Microsoft is also announcing “dozens of new scenarios that fuse together lower fidelity alerts and events into a few prioritized incidents.”

Fender outlined in a blog several other new Azure Sentinel features announced at Ignite. Among them are …
