When looking at cyber defense best practices and models, one driving question, which also keeps CISOs up at night, is this:
What's the best way to orchestrate security telemetry and processes so that SOC operators and security teams can prevent more threats and scale threat response as a formidable force multiplier against the onslaught of unknown attacks and exploits?
The questions that need answers to this point are:
In other words, we are talking about capabilities within the security landscape that are highly complementary to each other – advanced threat protection and embedded endpoint detection and response (EDR).
Morphisec's advanced prevention capability is purpose-built to terminate advanced threats. Combined with the comprehensive detection, investigation and response capabilities available in the Microsoft Defender for Endpoint platform, this integrated stack takes endpoint protection, visibility and optics (Microsoft Intelligent Security Graph) to a new level, while driving down risk and operating costs for enterprise security teams.
With the massive footprint Microsoft has in the enterprise, it’s no surprise their security profile has grown substantially over the past years with scalable innovation applied to how they're building their security products.
The reasons? Microsoft is in the best position to deliver security functionality to its customers based on how widely Windows 7 and Windows 10 are deployed in the enterprise. It can also align patch management with OS update cycles that include security updates.
Microsoft Defender for Endpoint, which includes Endpoint Detection and Response (EDR), continues to gain market share and momentum as organizations look to migrate from Windows 7 (or 8.1) to Windows 10, and it recently expanded to include Defender for Mac.
According to Gartner, the EDR market sits at $1B as of the end of 2018 at approximately 20% penetration. Most other EDR tools come with highly complex data sets and require a level of operational sophistication to run; Microsoft has made it easy.
One of the major benefits Defender for Endpoint has is that it’s already embedded into the operating system, improving the patching cycle and making updates easier. Another benefit is that system visibility is more accessible through the Office 365 cloud via one console.
According to Gartner:
"Microsoft Defender for Endpoint could be influential in this market. Windows 10 deployments are proceeding rapidly at many organizations. The embedded advanced threat prevention capability eliminates the need to deploy and manage additional agents. Integration in the OS can provide better visibility control and tamper protection. Microsoft Defender for Endpoint agents are available for Windows 7, 8.1 and 10 as well as Server 2012 R2, 2016 and 2019."
The added preventative capability from Morphisec, which integrates seamlessly into the Microsoft ecosystem, gives operators a huge value-add on top of Microsoft's expanding feature set for enterprises.
Microsoft will end-of-life its support of Windows 7 in January of 2020. This poses a challenge for organizations from an IT perspective, and carries security implications that make users consider how they will plug existing and future security gaps.
For example, if an organization migrates 100K users from Win7 to Win10, that is a major operating system overhaul in terms of time and internal resources.
However, Microsoft has eased the migration from a security standpoint by offering Defender for Endpoint as a compensating control, which maps to many compliance requirements while delivering comprehensive, continuous monitoring capabilities that enable users to migrate when they choose to. They can take as long as they need in rolling out the OS update, which is similar to a software patching cycle for most IT teams, and Defender for Endpoint and Morphisec together add a one-two punch of protection during this phase.
Enter Morphisec for a new level of complementary protection: Other EDR solutions aren't capable of covering every area of real estate when it comes to threats that matter to them, so Defender for Endpoint is already giving teams an agentless, simplified approach to solving these challenges. The integration of Morphisec into the Defender for Endpoint ecosystem gives security teams peace of mind during the migration process (to Win10) with a dynamic layer of advanced threat protection providing a massive-scale blocking function and acting as a virtual patch for their OS environment.
Fundamentally, Morphisec and Defender for Endpoint combine to form a powerful stack and serve as a major disruptor to the endpoint security market. Together, this combination of highly advanced threat prevention, detection and behavioral monitoring places highly innovative and proven security technology into the fabric of the operating system for unprecedented flexibility and function.
Morphisec adds its advanced threat prevention capabilities and the rich forensic data captured by the Morphisec system to the Defender for Endpoint platform. Information that is gathered by Morphisec is integrated directly into the Microsoft Defender Security Center management console.
Benefits:
To learn more about the Morphisec and Microsoft Defender for Endpoint integration, contact one of our security experts.