What Is Microsoft Defender for Identity?
Sep 23, 2022 | What is Microsoft Defender For...
In this series of blog posts, SecureSky will over time inventory the various Defender technologies and provide a brief overview and link to additional Microsoft documentation.
“Defender” used to be the name of Microsoft’s anti-virus software.
Now Microsoft’s branding strategy has switched to using “Defender for …” as a brand name for products across Microsoft’s security suite, including XDR technologies that prevent, detect, and respond to threats across identities, endpoints, applications, email, IoT, infrastructure, and cloud platforms.
While easy to understand from a unified branding approach, this has created confusion as buyers attempt to navigate what each (of dozens) “Defender for …” products does, how they overlap (both within the Microsoft ecosystem and with third-party technologies), and how they are purchased or subscribed to.
|Technology Name||Microsoft Defender for Identity|
|Previous Name(s)||Azure Advanced Threat Protection or Azure ATP|
|Function(s)||Monitors user and entity behavior in Active Directory to protect stored identities and credentials and detect suspicious activities on hybrid environments
|Cost Basis||Defender for Identity is available as part of Enterprise Mobility + Security 5 suite (EMS E5), and as a standalone license.|