February 2024 - Ru Campbell MVP

[Updated Feb 2024] Ultimate Comparison of Defender for Endpoint Features by OS

Finally, it's time for a refresh. It's been a while! Due to personal circumstances, I haven't been able to keep the Ultimate Comparison of MDE by OS updated. I've had time to dive into the changes since v5 and it's really been amazing to see MDE grow in scope. What is MDE and why do we need an 'ultimate comparison'? Microsoft Defender for Endpoint (MDE) is a massive stack of endpoint protection and endpoint…

Entra ID (Azure Active Directory) Entra ID Protection (Identity Protection)

Entra ID Protection – Common Microsoft 365 Security Mistakes Series

Signals from across Microsoft's services and ecosystems inform Entra ID Protection to detect risk. The risk detections can alert administrators or, better still, combine with other Entra and Defender XDR capabilities to perform remediation and prevention. The most obvious example of this may be preventing a risky sign in. Contrary to popular understanding, not all of Entra ID Protection's detections are limited to the Entra ID P2 license: the nonpremium risks listed here don't…

Microsoft Defender for Cloud Microsoft Defender for Endpoint Microsoft Defender Vulnerability Management Microsoft Defender XDR

Microsoft Defender Vulnerability Management – Common Microsoft 365 Security Mistakes Series

Microsoft Defender Vulnerability Management (MDVM) is an often overlooked service that can be licensed standalone or is included in other Microsoft Defender licenses. In my experience, I've never seen it licensed standalone, but customers with Defender for Endpoint (MDE) P2, Defender for Servers (MDS) P1, and Defender for Business (MDB) benefit from it's core capabilities. In addition to the core capabilities, add-on capabilities are available in the standalone license, Defender for Servers P2, or as…