Microsoft Security Solutions Ignite 2021 Round-Up
With Ignite November 2021 all wrapped up, there are many great announcements, changes, and some product name changes that we'll need to remember going forward.
Feeling confused about what to call things after all the changes? You're not alone. Here's a handy little list of the security-oriented changes for reference.
Microsoft Security Solutions Name Changes November 2021
| Old Name | New Name |
|---|---|
| Microsoft Cloud App Security (MCAS) | Microsoft Defender for Cloud Apps (MDCA) |
| Azure Security Center and Azure Defender | Microsoft Defender for Cloud |
| Azure Defender for IoT | Microsoft Defender for IoT |
| Azure Defender for Storage | Microsoft Defender for Storage |
| Azure Sentinel | Microsoft Sentinel |
Updates include simplified multi-cloud onboarding, improved integration with AWS, native support for AWS compute workloads, AWS API integration instead of AWS Security Hub, AWS Elastic compute, Elastic Kubernetes Service (EKS) cluster protection, and integration with Azure Purview.
Microsoft Defender for Endpoint Changes November 2021
New Product: Microsoft Defender for Business
Optimized for organizations of up to 300 employees, it is designed to block malware and ransomware via antivirus and endpoint detection and response (EDR), and to protect devices on Android, iOS, macOS, and Windows operating systems.
It supports Microsoft 365 Lighthouse, provides alert and dashboard views of security incidents, and offers APIs to export events to a SIEM solution (including, of course, Microsoft Sentinel).
Microsoft Defender for Endpoint Plan 1 and Plan 2
| Old Name | New Name |
|---|---|
| Microsoft Defender for Endpoint | Microsoft Defender for Endpoint Plan 2 |
While Plan 2 is the new name for the full product, a new Plan 1 SKU has been added that provides only the endpoint detection and response (EDR) capabilities. Plan 1 is the SKU to move to if you are on enterprise or 'E' series licensing for Microsoft 365 and have 300+ employees, or if you utilize the enterprise features required for your business operations.
Plan 2 capabilities further prevent security breaches, reduce time to remediation, and minimize the scope of attacks with vulnerability management, endpoint detection and response (EDR), automated remediation, advanced hunting, sandboxing, managed hunting services, and in-depth threat intelligence and analysis about the latest malware campaigns and nation state threats.