Microsoft Defender Experts for Hunting, a new managed security service for Microsoft 365 Defender customers, is now generally available.
Announced in May, Defender Experts for Hunting provides businesses that already have Security Operation Centers (SOCs) but are also willing to pay for additional help to hunt threats across endpoints, Office 365, cloud apps, and identity.
Microsoft’s security experts will use Defender data for threat investigation and to provide customers with remediation instructions, as well as help deploy threat hunting across all Microsoft 365 Defender products within hours, according to Redmond.
This new managed service helps an organization’s SecOps experts ensure that critical threats in their environments don’t get missed.
“Our experts will investigate anything they find and then hand off the contextual alert information and remediation instructions so you can quickly respond,” Microsoft Corporate VP for Security Vasu Jakkal said in May.
“You will also get specific recommendations to help you understand and improve your security posture.”
[embedded content]
Defender Experts for Hunting adds multiple capabilities, including but not limited to:
Threat hunting and analysis – Defender Experts for Hunting look deeper to expose advanced threats and identify the scope and impact of malicious activity associated with human adversaries or hands-on-keyboard attacks.
Defender Experts Notifications – Notifications show up as incidents in Microsoft 365 Defender, helping to improve your security operations’ incident response with specific information about the scope, method of entry, and remediation instructions.
Experts on Demand – Select Ask Defender Experts in the Microsoft 365 Defender portal to get expert advice about threats your organization is facing. You can ask for help on specific incidents, nation-state actors, or attack vector-related notifications.
Hunter-trained AI – Our Defender Experts for Hunting share their learning back into the automated tools they use to improve threat discovery and prioritization.
Reports – An interactive report summarizing what we hunted and what we found.
Defender Experts for Hunting is part of a range of three new managed services introduced under the Microsoft Security Experts brand.
“Microsoft Security Experts is a line of managed security solutions that combines human-led services with expert-trained technology to help organizations achieve better security outcomes,” Jakkal said.
The other two services announced in May are Microsoft Defender Experts for XDR for small and midsize businesses (SMBs) who want to expand their SOCs’ capacity and Microsoft Security Services for Enterprise, which combines proactive threat hunting and managed XDR in a single service for large enterprises.
While Defender Experts for XDR will move into preview during the fall of 2022, Microsoft Security Services for Enterprise is already available through a custom statement of work.
As Microsoft explains, Defender Experts for Hunting is sold separately from other Microsoft 365 Defender products, and you should complete this form if you’re a Microsoft 365 Defender customer interested in purchasing.
You can find more info on the Microsoft documentation website about onboarding and how to understand Defender Experts for Hunting reports.