A commitment to delivering even more advanced security tools
In 2021, Microsoft has committed to investing $20 billion over 5 years to accelerating efforts to integrate cyber security by design and deliver advanced security solutions. What does this mean? It’s no surprise that this investment and commitment places Microsoft as a leader in this space. However, beyond the dollar signs, Microsoft has a vision to protect all endpoints through a combination of prevention, detection, and auto remediation.
Forrester evaluated 15 most significant vendors in the Endpoint Detection and Response (EDR) space and tested their solution against 20 criteria, researching, analysing, and scoring them. Forrester has basically done the heavy lifting for security professionals in helping them find the right fit for their needs.
The real benefit in a security EDR offering comes from a variety of helpful features used for investigation: such as autogenerated human-readable detection names and a replay of the attack story to see exactly what happened in the attack and in what order, ideal for root cause analysis. It provides a native sandbox feature, response recommendations, remote shell capabilities, and custom scripting. Security engineers can search telemetry by type or search raw telemetry and schedule queries. Microsoft is best suited for those with a large Windows deployment or those moving to an E5 license.
What should a Company look out for?
With many security vendors promising the best features available in their solution, the below are 3 fundamental pointers to look out for when considering an EDR solution.
- Analysis. The most time-consuming process security engineers face is the analysis of incident response. The solution needs to provide relevant, streamlined context for investigation and threat hunting with the ability to correlate events together, presenting all the threat intelligence needed on the fly with dynamic risk scoring.
- Customisation and automation. With remote and hybrid work becoming the norm, this has made quick, complete, and remote response across multiple endpoints a requirement for a top EDR offering. Clients should select an EDR provider that not only allows for orchestration and automation for response, but also builds it seamlessly into the analyst workflow and provides effective tools to customize these capabilities.
- A vendor with vision. Reference customers in the Forrester evaluation highlighted Microsoft’s investment as a key factor in choosing to work with their security EDR technology. Having a clear product vision is vital, especially given the hype in the market as vendors look to progress towards an eXtended Detection and Response (XDR). When choosing an EDR provider, clients should shortlist vendors that have a defined, scoped vision that showcases a distinctive, data-driven point of view on the market.
The right partner for your business
Microsoft has now also improved its pricing structure to add flexibility, offering standalone pricing per endpoint or license-based pricing. Its roadmap includes continued progress on Linux and Mac feature capabilities, IT and security collaboration, and XDR capabilities. Furthermore, Microsoft has on par coverage of Windows versions, Mac, and Linux distributions compared to other vendors.
Reach out to Veracloud today to learn more about Microsoft’s leading EDR solution with different flavours of Microsoft Defender to fit all security requirements, whatever you’re protecting and wherever this infrastructure is.