Get started with Microsoft Defender XDR

Note

Want to experience Microsoft Defender XDR? Learn more about how you can evaluate and pilot Microsoft Defender XDR.

Applies to:

  • Microsoft Defender XDR

Microsoft Defender XDR is a unified experience where you can monitor and manage security across your enterprise. With the integrated alerts across identities, endpoints, data, apps, email, and collaboration tools - investigating and responding to threats now happen in a central location.

Watch this short video to learn how Microsoft Defender XDR helps to prevent, detect, investigate, and remediate threats across Microsoft 365.

Whether you're new to the Microsoft suite of security products or familiar with individual workflows, this topic will guide you in the simple steps you need to take to get started with Microsoft Defender XDR.

The steps to get started with the Microsoft Defender portal

In general, you'll need to take the following steps to get started:

  • Step 1: Turn on Microsoft Defender XDR
    You'll first need to turn on the service by making sure you have the right license in place and roles are assigned so that you can access the portal.

    You'll then go through some simple settings and then you can confirm that the service is on.

  • Step 2: Deploy supported services
    After completing the initial steps, you'll need to deploy the supported services that come with Microsoft Defender XDR. Deploying services effectively increases your visibility in the signals from assets across your network.

Key capabilities

Turning on Microsoft Defender XDR and deploying services will give you access to the following key capabilities:

Capability Description
Microsoft Defender for Endpoint Endpoint protection suite built around powerful behavioral sensors, cloud analytics, and threat intelligence
Microsoft Defender for Office 365 Advanced protection for your apps and data in Office 365, including email and other collaboration tools
Microsoft Defender for Identity Defend against advanced threats, compromised identities, and malicious insiders using correlated Active Directory signals
Microsoft Defender for Cloud Apps Identify and combat cyberthreats across your Microsoft and third-party cloud services

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender XDR Tech Community.