แก้ไข

แชร์ผ่าน


Microsoft Defender for Endpoint and other Microsoft solutions

Applies to:

Want to experience Microsoft Defender for Endpoint? Sign up for a free trial.

Integrate with other Microsoft solutions

Microsoft Defender for Endpoint directly integrates with various Microsoft solutions.

Microsoft Defender for Cloud

Microsoft Defender for Cloud provides a comprehensive server protection solution, including endpoint detection and response (EDR) capabilities on Windows Servers.

Microsoft Sentinel

The Microsoft Defender for Endpoint connector lets you stream alerts from Microsoft Defender for Endpoint into Microsoft Sentinel. This will enable you to more comprehensively analyze security events across your organization and build playbooks for effective and immediate response.

Azure Information Protection

We recently deprecated the Azure Information Protection integration as our Endpoint DLP capabilities incorporate an improved discovery and protection solution for sensitive data stored on endpoint devices that facilitates greater visibility and integration between solutions. This was announced in the following blog. We recommend that customers move to using Endpoint DLP.

Conditional Access

Microsoft Defender for Endpoint's dynamic device risk score is integrated into the Conditional Access evaluation, ensuring that only secure devices have access to resources.

Microsoft Defender for Cloud Apps

Microsoft Defender for Cloud Apps leverages Microsoft Defender for Endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services (shadow IT) from all Microsoft Defender for Endpoint monitored devices.

Microsoft Defender for Identity

Suspicious activities are processes running under a user context. The integration between Microsoft Defender for Endpoint and Microsoft Defender for Identity provides the flexibility of conducting cyber security investigation across activities and identities.

Microsoft Defender for Office

Defender for Office 365 helps protect your organization from malware in email messages or files through Safe Links, Safe Attachments, advanced Anti-Phishing, and spoof intelligence capabilities. The integration between Microsoft Defender for Office 365 and Microsoft Defender for Endpoint enables security analysts to go upstream to investigate the entry point of an attack. Through threat intelligence sharing, attacks can be contained and blocked.

Note

Defender for Office 365 data is displayed for events within the last 30 days. For alerts, Defender for Office 365 data is displayed based on first activity time. After that, the data is no longer available in Defender for Office 365.

Skype for Business

The Skype for Business integration provides a way for analysts to communicate with a potentially compromised user or device owner through a simple button from the portal.

Microsoft Defender XDR

With Microsoft Defender XDR, Microsoft Defender for Endpoint, and various Microsoft security solutions form a unified pre- and post-breach enterprise defense suite that natively integrates across endpoint, identity, email, and applications to detect, prevent, investigate, and automatically respond to sophisticated attacks.

Learn more about Microsoft Defender XDR

Tip

Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: Microsoft Defender for Endpoint Tech Community.