Cisco Security and Microsoft Defender

How Microsoft Defender and Cisco Security work together

Microsoft Defender helps protect your data and devices from malicious threats. Easily manage your online security in one centralized view, with industry-leading online protections for you, your family, and your devices. Stay safer with real-time notifications, security tips, and recommended steps that help keep you ahead of hackers and scammers for your peace of mind.

To get started, download the app and log in with your personal Microsoft account.

Microsoft Defender requires a Microsoft 365 Family or Microsoft 365 Personal subscription.

Product Integrations

  • Cisco XDR Automate:
    • Microsoft Defender for Endpoint - Isolate Machine: This workflow appears in the pivot menu and allows a user to isolate a machine in Microsoft Defender for Endpoint.
    • Microsoft Defender for Endpoint - Unisolate Machine: This workflow appears in the pivot menu and allows a user to unisolate a machine in Microsoft Defender for Endpoint.
  • Cisco XDR: Defender for Endpoint users can use it within Cisco XDR for threat hunting and investigation, as well as for rapid response actions to understand and defend against threats on the endpoint. It also provides important device inventory context to help triage detected threats.
    • Use the Defender for Endpoint integration to search for security detections involving specific hostnames, host GUIDs, domains, IPs, file hashes, process names, and process arguments. Defender for Endpoint can also be used through Cisco XDR to isolate hosts from the network and block many types of observables, including file hashes, network resources (such as IP addresses, domains, and URLs), and certificates. This integration can also be used to provide host information, including vulnerability information, for use in triaging incidents and detections.
    • Note: This integration requires the Cisco XDR Advantage or XDR Premier licensing tier.
  • Kenna: Vulnerability management is an essential component of any security strategy. By integrating with Microsoft’s threat and vulnerability management capabilities, Kenna customers can benefit from a risk-based solution providing personalized vulnerability prioritization and predictions of high-risk threats, as well as actionable insights that incorporate data directly from Microsoft’s threat and vulnerability management solution. Kenna helps companies transform their vulnerability management strategies into modern, proactive, data-driven programs. The solution uses proven data science techniques to assess the likelihood that a vulnerability will be exploited and to calculate the risk that vulnerabilities pose to business assets. This knowledge allows companies to prioritize mitigation strategies and remediate the riskiest vulnerabilities faster and with less work, while leveraging existing security solutions such as Microsoft threat and vulnerability management.
