Defender Portal Gets Microsoft Defender for Identity Capabilities

The Microsoft 365 Defender portal now supports some lagging Microsoft Defender for Identity capabilities that have reached the "general availability" (GA) commercial-release stage, Microsoft announced this week.

Two capabilities reaching GA for the portal were described as being new. One new capability is the ability to show Secure Score rankings in the Microsoft Defender portal for the data collected by the Microsoft Defender for Identity service. This capability displays a percentage score on meeting various security goals, such as disabling the print spooler service on domain controllers or protecting local administrator passwords. It has drill-down analytical capabilities as well.

The other new capability at GA is the integration of the Microsoft Defender for Identity service with the Microsoft 365 Defender portal's "new universal search feature." Search, pulling from various resources, is now available from a text box at the top of the portal.

"What's been introduced today is a convenient search bar at the top of the portal screen that will allow security teams to look for any entity being monitored by Microsoft 365 Defender, be it identity, endpoint, Office 365 data, and more," the announcement explained.

With these two feature additions at GA, "all remaining features that have been in public preview up until now will also be generally available from today," the announcement explained regarding the portal integration.

Those other capabilities at GA include an automatic onboarding process for new Microsoft Defender for Identity customers, the addition of alerts into an "auto-incident correlation feature," the use of an "Advanced Hunting" capability in the portal and the ability to use "global exclusions" for alerts.

With these enhancements, Microsoft now wants organizations to switch from using the old or "classic" Defender for Identity portal. A "convenient redirect option" will be arriving in the "coming weeks" to help organizations move to the Microsoft 365 Defender portal instead.

At some point, it'll be possible to use the old portal only by opting in to use it.

"After a transitional period, we'll then configure the service so that customers will have to opt out of using the new experience by default, before finally, retiring the classic experience," the announcement explained. "We'll be using Message Center to push these details out."

Microsoft Defender for Identity used to be known as "Azure Advanced Threat Protection," but Microsoft changed its name more than a year ago.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.


comments powered by Disqus

Subscribe on YouTube