Blackpoint Cyber Unveils MDR for Microsoft 365
Blackpoint Cyber has released a managed detection and response (MDR) add-on for Microsoft 365. The add-on, called the 365 Defense, works in combination with Blackpoint MDR to provide organizations with threat monitoring and detection and security policy enforcement for Microsoft 365 environments, according to a prepared statement.
365 Defense helps organizations enforce Microsoft 365 security best practices and detects suspicious or unusual end-user behaviors, Blackpoint indicated. In doing so, 365 Defense protects organizations against modern cyberattacks.
Furthermore, 365 Defense monitors account activity such as new and deleted users, permission changes and unusual logins, Blackpoint said. 365 Defense also provides audit logs to help organizations block dangerous content or behaviors and notifies users about possible phishing attacks.
365 Defense is now available to existing and new Blackpoint customers, along with MSPs and other Blackpoint partners.
New Services Protect Organizations Against Microsoft Office 365 Attacks
Along with Blackpoint, several cybersecurity companies recently have launched services to safeguard organizations against Microsoft Office 365 attacks, including:
- Long View: Released User Shield, which leverages Microsoft Azure Sentinel security information and event management (SIEM) technology to monitor and protect Office 365 users.
- RocketCyber: Unveiled three Office 365 security apps for MSPs.
- Vectra: Introduced Cognito Detect, which enables organizations to use AI to track Office 365 threats in real-time.
Cybersecurity companies are increasingly integrating MDR into other Microsoft software as well.
Red Canary this month announced Red Canary MDR for Microsoft Defender Advanced Threat Protection (MDATP). The service enables organizations to use Red Canary MDR to collect and analyze MDATP alerts and telemetry, according to the company.
Also, Critical Start, a Top 200 MSSP, launched an MDR service for MDATP last year. The service allows organizations to isolate machines, initiate endpoint scans and triage alerts from native Android and iOS applications, the company said.