Microsoft Threat Protection. What is it?
Cutting to the chase, Microsoft Threat Protection (MTP) is not a single product. MTP is the employment of Microsoft security services to protect and defend organisations extensive and varied attack surfaces. Deploying Microsoft security services proportionately to protect against specific or wide-ranging attack vectors. Many of which organisations will find they are already licensed for, but may not be used to their full value.
Microsoft provides an overview of the products that can be considered to form parts of the MTP offering on the Microsoft Threat Protection announcement on TechCommunity.
These are broken down into the attack vectors:
- Identities: Azure Active Directory Identity Protection, Azure Advanced Threat Protection, Microsoft Cloud App Security
- Endpoints: Windows Defender Advanced Threat Protection, Windows 10, Microsoft Intune
- User Data: Exchange Online Protection, Office 365 Advanced Threat Protection, Office 365 Threat Intelligence, Windows Defender Advanced Threat Protection, Microsoft Cloud App Security
- Cloud Apps: Exchange Online Protection, Office 365 Advanced Threat Protection, Microsoft Cloud App Security
- Infrastructure: Azure Security Center, SQL Server, Linux
Microsoft Threat Protection. Why use it?
Almost anyone in the IT industry will agree that no single product can protect an organisation from all threats. Many take this view to also mean that the array of products required to protect an organisation from relevant threats should not be sourced from a single vendor. This is no longer a valid interpretation.
Gartner has named Microsoft as a leader for endpoint protection for 2019.
This endorsement from Gartner further emphasises that the ‘multiple vendors are better’ and ‘Microsoft can’t do security’ views are no longer appropriate.
Microsoft especially provides a breadth and depth of services and protection capabilities that result in unparalleled insight into your organisation and the threats and vulnerabilities present.