We now offer integrated detection, investigation and response for Microsoft Defender for Endpoint users as part of our Managed Detection and Response (MDR) service. We have also joined the Microsoft Intelligent Security Association (MISA).
This new MDR capability enables all eSentire partners and customers—and all Microsoft users—to benefit from Microsoft’s endpoint detection and response solution across their Microsoft and hybrid environments. For Microsoft’s customers and our customers, this out-of-the-box integration is a big deal because businesses who are already part of the Microsoft ecosystem can now use the combined eSentire MDR with Microsoft Defender for Endpoint solution, to get robust and more cost-effective security outcomes. At the same time, the MISA membership also means great things for eSentire customers. Let’s dig a little deeper into both of these exciting developments.
Microsoft is an enterprise security leader and Microsoft Defender for Endpoint is a leading solution
Microsoft is only one of a handful of companies that can claim to have an extensive portfolio of IT offerings. They’re a leader in business applications, hyperscale cloud infrastructure, back-end software and a whole host of other solutions.
One of those “other solutions” is enterprise security. Right now, thousands of enterprises worldwide depend on Microsoft’s robust security capabilities, and they use Defender for Endpoint as a key component of their security strategy. These customers have hundreds of millions of devices which rely on Defender for Endpoint. And users of Windows devices are not only the ones depending on Defender for Endpoint. We are also seeing organizations securing their Mac, Linux, and Android devices with Defender for Endpoint.
Microsoft Defender for Endpoint is firmly in the top tier of endpoint protection solutions. Forrester, one of the most influential advisory firms around the globe, recently awarded Defender for Endpoint the highest score possible in endpoint telemetry, security analytics, threat hunting, ATT&CK mapping and response capabilities criteria, and Microsoft 365 Defender (formerly Microsoft Threat Protection) leads in real-world detection in MITRE ATT&CK evaluation.
In supporting Defender for Endpoint, eSentire has added another industry-leading endpoint protection solution to its portfolio, further strengthening its esENDPOINT offering and giving our customers more options. However, options don’t matter much if they don’t have compelling value.
This integration allows enterprises to get better security outcomes for less
By supporting Microsoft Defender for Endpoint, we are giving customers more freedom to decide how they want to spend their security dollars, enabling them to get the most effective security outcomes in the most cost-effective manner. And I don’t make this statement lightly. When we look at the solution costs and response capabilities that are required to be resilient in today’s threat landscape and what is available to customers bundled within Microsoft 365 licenses, we are confident that our integration provides the most effective response at the highest value.
Microsoft Defender for Endpoint is a powerful solution:
Through unique telemetry that leverages shared signals across devices, identities, and information, it provides remarkable visibility into activity on endpoints, which is a vital ingredient in a holistic, defensive posture as endpoints are at the front line of defense.
For Windows 10 and Windows Server 2019 devices, it’s agentless and cloud-powered, so there’s no additional deployment or infrastructure and no delays or update compatibility issues—meaning it’s always up-to-date.
But even advanced enterprises with large IT teams can find themselves struggling to manage the overwhelming volume of threat signals coming from all of their endpoints; and on top of that, there’s also the cloud, the network, logs, insider threats and others. Making sense of these constant event streams—and, more importantly, bringing them all together for a complete view of the attack chain—is a challenge that requires a synthesis of people, processes and specialized technology.
And once a threat is detected, a decisive response is needed. Again, knowing where to act, how to act and in what order to act, requires real security expertise. Even with automated defenses in place, it is often a very hands-on activity (as illustrated by the recent SunWalker incident)—and by now it is a common refrain that “cybersecurity expertise is in very short supply.”
eSentire’s integration with Defender for Endpoint allows us to take on that burden, on behalf of customers, to stop breaches, contain threats and minimize business risk. Enterprises, who are part of the Microsoft ecosystem, can now get around-the-clock, proactive threat hunting across their networks, endpoints, cloud and hybrid environments, eliminating blind spots that traditional technologies miss, and safeguarding all aspects of their business.
Plus, out-of-the-box integration means that deployment and time-to-value are measured in minutes, not days or weeks, which is important both for pragmatic matters like budgeting and internal reporting and for security efficacy. Once they have broken through the perimeter, skilled attackers need less than an hour to exfiltrate data.
As I mentioned, the greater cost effectiveness changes the equation for thousands of enterprises who are part of the Microsoft ecosystem, but haven’t yet deployed Microsoft Defender for Endpoint. All of a sudden, an organization-wide Microsoft Defender for Endpoint deployment is possible within the IT team’s budget and management capability. Again, greater flexibility and better security outcomes for less – check out our Total Cost of Ownership model to compare costs.
What MISA membership means for eSentire’s customers
MISA (Microsoft Intelligent Security Association) is an invitation-only ecosystem of independent software vendors that have come together to integrate their solutions with Microsoft security products. eSentire’s membership provides many benefits, including allowing us to enrich our services to benefit from Microsoft’s security capabilities, allowing access to Microsoft’s product teams to help accelerate integration and to share threat intelligence.
Importantly, each of these three examples have direct benefits for our customers. For instance, MISA membership enhances our ability to fully and quickly leverage capabilities within Microsoft’s security suite, and Defender for Endpoint is just one of Microsoft’s many security applications. We are also hard at work integrating our MDR services with other Microsoft Security products including Microsoft Defender for Office 365, Microsoft Cloud Application Security, and Microsoft Defender for Identity. Additionally, the MISA membership is made up of some of the top cybersecurity experts in the industry; and sharing threat intelligence, within this group, is a rising tide that improves security for everyone. We look forward to contributing our own insights and threat intelligence, while also learning from the intelligence shared by others, to better safeguard our customers.
Are you already using Microsoft Defender for Endpoint or considering using it?
Visit the eSentire MDR with Microsoft Defender for Endpoint page to learn more.
Ultimately, this integration is about combining two industry-leading managed detection and response solutions within the Microsoft security ecosystem. This integration enables enterprises to benefit from protection across tools they already license, changing the cost equation by reducing in-house operational requirements.
Microsoft customers can quickly, easily and cost-effectively use eSentire’s unique, multi-signal MDR approach, benefitting from complete visibility of the attack chain and gaining the ability to pivot, validate and isolate the attacker at both the network and endpoint level.
Whether you’re managing your Microsoft Defender for Endpoint deployment yourself, relying on a third-party like an MSSP to do so, or have held off on deploying the solution, we should talk—we are confident we can provide you with superior security outcomes at a better value.