Call 949-520-1876 or Text 949-229-3545 Sales and Support: M - F 5:00 am to 5:00 pm PT
American Flag American Owned and Operated

What is Microsoft 365 defender?

Microsoft 365 defender is an enterprise defense suite designed for threat protection and detection across endpoints, email and applications to provide unified protection against sophisticated attacks. There are four primary products in the suite to choose from.

Microsoft Defender for Office 365

Whether you’re using applications like Word and Excel or communication tools like SharePoint and Teams, protection across all applications and services should be a top priority. With 365 Defender for Office 365, your organization will be well protected against malicious threats and attacks to your email messages, links (URLs) and your collaboration tools.

Microsoft Defender for Endpoint

Microsoft Defender for Endpoint is an enterprise endpoint security platform specifically designed to aid enterprise networks not only in preventing but detecting, investigating and responding to sophisticated attacks and advanced threats. There are two options available for this suite, Defender for Endpoint Plan 1 and Plan 2.

Microsoft Defender for Identity

Microsoft 365 Defender for Identity is a cloud-based service designed to help protect on-premise, cloud and hybrid environments from various types of internal threats and targeted cyber-attacks. This is accomplished by leveraging your on-premise Active Directory signals to detect advanced threats early and identify malicious insider actions directed at your organization.

Microsoft Defender for Cloud Apps

Microsoft Defender for Cloud Apps is a Cloud Access Security Broker (CASB) that operates on multiple clouds. This provides full visibility and in-depth data to identify and protect all of your Microsoft and third-party cloud services from cyberthreats. With security professionals in mind, Microsoft Defender for Cloud Apps incorporates innovative automation along with centralized management and simple deployment.

Licensing requirements

Any of these licenses gives you access to Microsoft 365 Defender features via the Microsoft 365 Defender portal without additional cost:

  • Microsoft 365 EF or A5
  • Microsoft 365 E3 with Microsoft 365 E5 Security add-on
  • Microsoft 365 E3 with the Enterprise Mobility + Security E5 add-on
  • Microsoft 365 A3 with the Microsoft 365 Security add-on
  • Windows 10/11 Enterprise E5 or A5
  • Enterprise Mobility + Security (EMS) E5 or A5
  • Office 365 E5 or A5
  • Microsoft Defender for Endpoint
  • Microsoft Defender for Identity
  • Microsoft Defender for Cloud Apps
  • Microsoft Defender for Office 365 (Plan2)


There are two ways to manage access to Microsoft 365 Defender:

  • Global Azure Active Directory (AD) roles
  • Custom Role Access

Accounts assigned the following Global Azure Active Directory (AD) roles can access Microsoft 365 Defender functionality and data:

  • Global administrator
  • Security administrator
  • Security administrator
  • Security Operator
  • Global Reader
  • Security Reader


Using the integrated Microsoft 365 Defender solution, security professionals can easily interpret the threat signals received by each of these products to determine the full scope and impact of the threat; how it entered the environment, what it has affected, and how it is currently affecting the organization. Microsoft 365 Defender automatically takes action to prevent or stop the attack, as well as to self-heal affected mailboxes, endpoints, and user identities.


To learn more ways how Microsoft 365 Defender can help you improve your enterprise security, visit our blog for updates. For any questions or pricing on Microsoft 365 Defender, contact us at 949-520-1876 or Our staff is ready to answer your questions and assist you in finding business solutions that are the best fit for your organization.

Older Post Newer Post


Leave a comment

Please note, comments must be approved before they are published