DEFEND Managed XDR with Microsoft
Introducing DEFEND’s Managed XDR with Microsoft service, providing proactive 24x7x365 managed cybersecurity operations including advanced hunting, custom detections, response, and remediation across your Microsoft security ecosystem.
Verified by Microsoft as an MXDR partner solution, DEFEND’s Managed XDR service leverages our proven and experienced iCE (intelligence Cybersecurity Ecosystem) managed services team for Incident Management, Handling and Response and Security Capability Management to deliver an end-to-end MXDR service.
Utilising Microsoft 365 Defender, DEFEND MXDR secures your devices, identities, email, applications, and data. By taking advantage of Microsoft’s deep contextual information, derived from billions of signals collected across their digital estate, advanced threats can be detected and stopped with machine learning automatic response before they harm your organisation.
- Unlocking the full capabilities of your E5 licensing, ensuring Microsoft security features and applications are configured and maintained to Microsoft and DEFEND best practices and standards
- Utilising DEFEND’s iCE proven end-to-end process from receiving incident to resolution (including resolving incidents and alerts) in Microsoft 365 Defender and Microsoft Sentinel environments
- Advanced threat hunting built into the standard incident investigation process
- Leverage Microsoft Defender’s built-in response capabilities (for example: isolate machine, live response, block file, suspend user, delete email) to automate your incident response actions and improve MTTR
- Incident Management, Handling & Response: Your instance of Microsoft Sentinel configured with appropriate service options and connectors, ensuring your data stays within their Azure environment.
- DEFEND’s specialised Cybersecurity Operations iCE Team provide 24x7x365 security event monitoring and response, with proactive tuning, optimisation, and threat hunting across your Microsoft 365 Defender and Microsoft Sentinel deployments
- Incidents are sent to DEFEND’s Service Management system, allowing for immediate investigation by the iCE Cybersecurity Operations Team
- Security Capability Management of Microsoft 365 Defender and Microsoft Sentinel:
  - Proactive management of configurations, alert policies and the activation and integration of new features and capabilities.
  - Initial configuration and ongoing management of the Microsoft 365 configurations in line with Microsoft and DEFEND Best Practice, while also allowing for the implementation of new features or services released by Microsoft and changes to existing services.