Microsoft 365 and Azure Security Product name changes
The first change I want to cover is Microsoft Threat Protection is now Microsoft 365 Defender. This is really a suite of products, ranging from endpoint protection to safeguarding your email messages and links within them.
Azure Advanced Threat Protection has changed its name to Microsoft Defender for Identity. This product helps you to detect and investigate advanced attacks on prem.
Microsoft Defender Advanced Threat Protection is now Microsoft Defender for Endpoint, this product helps you detect and remediate advanced attacks on your endpoints.It supports Windows operating systems from Windows 7 to Windows Server 2019, and can also be used on Android, Linux (in preview currently) and MacOS. As well as the name change, we saw support for Microsoft Defender for Endpoint launch support for iOS devices, which is currently in preview.
Office 365 Advanced Threat Protection is now Microsoft Defender for Office 365. This product is designed to help protect organisations from malicious attacks through things like scanning email attachments for malware, scanning URLs in emails and documents and checking for unauthorized spoofing. My personal favourite feature of Microsoft Defender for Office 365 is Safe Links, it really does help protect if there are malicious links in emails etc and people click on them.
Azure Security Centre Standard Edition, is now called Azure Defender for Servers. For Windows this help to monitor and protect your servers with Security Centre presenting the alerts and remediation suggestions. While for Linux it use auditd to collect audit records. With Azure Defender for Servers you get things like Just-in-Time(JIT) VM access, which is a great product for protecting common management ports like RDP or SSH and only having them open when and how you need them.
Azure Security Centre for IoT is now called Azure Defender for IoT. As IoT becomes more and more something we are introducing to our homes and organisations we need to ensure we have an appropriate security posture in place and Azure Defender for IoT can help provide that end to end threat detection and analysis.
Advanced Threat Protection for SQL is now called Azure Defender for SQL. This is Generally Available (GA) for Azure SQL database servers and in preview for SQL servers on machines hosted in Azure, other cloud environments, and even on-premises machines. This product helps to monitor for threats such as SQL injection, brute-force attacks and privilege abuse.