Microsoft Defender Endpoint Detection and Response (EDR)
Microsoft Endpoint Detection and Response (EDR) Defender is a cloud-based comprehensive security solution that helps organisations detect, investigate, and respond to advanced threats and attacks across their network endpoints. It provides real-time monitoring, threat intelligence, and automated response capabilities to enhance your business’ overall cybersecurity posture. Microsoft EDR responds to immediate threats in the form of an automated response which may include blocking the application, sending an alert to an administrator, or logging the user off from the device.
Microsoft EDR is available in two plans.
- Defender for Endpoint Plan 1. This gives a high level security overview of all your enrolled endpoints running Windows, macOS, Android and iOS. Including information relating to threats and vulnerabilities, it provides a single centralised configuration and management enabling easy identification for your business to plan the appropriate action to resolve.
- Defender for Endpoint Plan 2. Plan 2 adds advanced threat protection by detecting, investigating and responding to threats
Benefits of Microsoft Defender for UK companies
Microsoft Defender gives you a full visibility of software installed alongside a secure score reviewing the setup of your infrastructure and devices and their alignment with best practices to protect against exposure threats. It offers an easy-to-use assessment of vulnerabilities identified on your infrastructure, as well as recommendations to make administration less time consuming.
By preemptively identifying issues, Microsoft EDR helps organisations take a proactive stance to protect themselves from cyberattack.
What’s included in each plan?
| Plan 1 | Plan 2 | |
|---|---|---|
| Unified security tools and centralized management | ✓ | ✓ |
| Next generation antimalware | ✓ | ✓ |
| Attack surface reduction rules | ✓ | ✓ |
| Device control (e,g USB) | ✓ | ✓ |
| Endpoint firewall | ✓ | ✓ |
| Network Protection | ✓ | ✓ |
| Web control / category-based URL blocking | ✓ | ✓ |
| Device-based conditional access | ✓ | ✓ |
| API’s, SIEM connector, custom TI | ✓ | ✓ |
| Application control | ✓ | ✓ |
| Endpoint detection and response | ✓ | |
| Automated investigation and remediation | ✓ | |
| Threat and vulnerability management | ✓ | |
| Threat intelligence (Threat Analytics) | ✓ | |
| Sandbox (deep analysis) | ✓ | |
| Microsoft Threat Experts | ✓ |
What is Endpoint Detection and Response?
Endpoint Detection and Response (EDR) is a cybersecurity technology which continuously monitors all the endpoints within your infrastructure in real time to detect and respond to cyber threats like ransomware and malware. Endpoint Detection and Response also collects activity data from endpoints to analyse threat patterns as well as finding vulnerabilities which exist due to software not being up to date.
Endpoint Detection and Response will respond to immediate threats in the form of an automated response which may include blocking the application, sending an alert to an administrator, or logging off the user from the device.
Proxar IT Consulting can help your London located business improve its security by implementing Microsoft Defender with Endpoint Detection and Response, which will be visible from your Secure Score showing your UK business is implementing some of the best cybersecurity practises to date. For more information, please contact us.