Defender is getting ignited: more products are coming under one umbrella. After the initial change from Windows Defender to Microsoft Defender in early 2020, this comes as a product unification.
Products are mainly categorised into two lines: Microsoft 365 Defender for endpoints and Azure Defender for cloud infrastructure.
Microsoft 365 Defender line will include:
Microsoft 365 Defender
Microsoft Defender for Endpoint
Microsoft Defender for Office 365
Microsoft Defender for Identity
Azure Defender line will include:
Azure Defender for Servers
Azure Defender for IoT
Azure Defender for SQL
The product portfolios have been hard to follow since the products' inception, and it is difficult to keep track of them. Going forward, there will be Microsoft Defender and Azure Sentinel.
Microsoft Defender will be Microsoft’s XDR product, while Azure Sentinel will be the company’s SIEM line.
XDR stands for eXtended Detection and Response and is a cyber-security term that refers to products that detect and respond to active threats on endpoints.
SIEM stands for Security Information and Event Management and is a cyber-security term that refers to web applications that aggregate logs from all devices in order to analyze large quantities of data from a vantage point and search for anomalies and signs of a security breach.
Azure Sentinel is deeply integrated with Microsoft Defender so you can integrate your XDR data in only a few clicks and combine it with all your security data from across your entire enterprise.
Microsoft believes that defenders can benefit from using deeply integrated SIEM and XDR for end-to-end visibility and prioritized actionable insights across all your enterprise assets.