18

Extended Detection and Response with Microsoft 365 Defender

In the previous chapter, the focus was on Microsoft Defender Vulnerability Management and Secure Score. This chapter will focus on eXtended detection and response (XDR) with Microsoft 365 Defender (M365D), what it is, and what separates it from other security tools such as Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and Security Information and Event Management (SIEM).

By following this chapter, you will learn how to operate M365D as an XDR in real-world scenarios, when your organization comes under attack from a malicious actor.

We will cover these main topics throughout the chapter:

  • Introducing XDR
  • How M365D works as an XDR

Get Mastering Microsoft 365 Defender now with the O’Reilly learning platform.