Microsoft Defender Experts for XDR is sold separately from other Microsoft Defender XDR products. If you're a Microsoft Defender XDR customer and are interested in purchasing Defender Experts for XDR, please complete this customer interest form.
Note
Any incident response services offered by Defender Experts will be offered under the Defender Experts Service Terms.
Microsoft Defender Experts for XDR is a managed extended detection and response service that helps your security operations centers (SOCs) focus and accurately respond to incidents that matter. It provides extended detection and response for customers who use Microsoft Defender XDR services: Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Identity, Microsoft Defender for Cloud Apps, and Microsoft Entra ID.
Defender Experts for XDR augments your SOC by combining automation and Microsoft's security analyst expertise. This combination helps you detect and respond to threats with confidence and improve your security posture. With deep product expertise powered by threat intelligence, we're uniquely positioned to help you:
Focus on incidents that matter - Our experts prioritize incidents and alerts that matter, alleviate alert fatigue, and drive SOC efficiency for your team
Manage response your way - Our experts provide detailed, step-by-step, actionable guidance to respond to incidents with the option to act on your behalf as needed
Access expertise when you need it - Extend your team's capacity with access to Defender Experts for assistance on an investigation
Stay ahead of emerging threats - Our experts proactively hunt for emerging threats in your environment, informed by unparalleled threat intelligence and visibility
Apart from the constantly updated research and intelligence tailored for the threats currently seen across the various Microsoft Defender XDR signals, you also receive managed response from our security analysts and support from Microsoft's security-focused service delivery managers (SDMs). This service lets you enjoy the following capabilities:
Managed detection and response - Expert analysts manage your Microsoft Defender XDR incident queue and handle triage and investigation on your behalf; they partner with you and your team to take action or guide you to respond to incidents
Proactive threat hunting - Microsoft Defender Experts for Hunting is built in to extend your team's threat hunting capabilities and prioritize significant threats
Live dashboards and reports - Transparent view of our operations on your behalf and noise free, actionable view into what matters for you coupled with detailed analytics
Proactive check-ins for continuous security improvements - Periodic check-ins with your named service delivery team to guide your Defender Experts for XDR experience and improve your security posture
To earn this Microsoft Applied Skills credential, learners demonstrate the ability to use Microsoft Defender XDR to detect and respond to cyberthreats. Candidates for this credential should be familiar with investigating and gathering evidence about attacks on endpoints. They should also have experience using Microsoft Defender for Endpoint and Kusto Query Language (KQL).