Microsoft on Wednesday announced the “general availability” commercial release of the Microsoft Defender Experts for Hunting service.
This service is billed as something that organizations already having a “robust security operations center” would want. With it, Microsoft’s security teams help organizations “proactively hunt threats using Microsoft Defender data,” per the announcement.
“Our experts will hunt across your Microsoft 365 Defender data and investigate anything they find,” Microsoft explained in this datasheet document. “Then, they will hand off validated alert information along with remediation instructions, so you can quickly respond.”
The Microsoft Defender Experts for Hunting service offers threat hunting and analyses. Organizations get notifications about what’s found, which gets published in the Microsoft 365 Defender portal. Microsoft also issues an overall summary report that’s said to be “interactive.” The service includes an “Ask Defender Experts” button in the Microsoft 365 Defender portal, which is used for getting advice from Microsoft’s experts.
Microsoft also sells a “Microsoft Threat Experts — Experts on Demand” service for chatting with Microsoft’s security experts, which perhaps is unrelated to this product’s Ask Defender Experts feature.
With the Microsoft Defender Experts for Hunting service, Microsoft looks for “malicious activity,” including signs of human attackers. It’s aided in this search, in part, by artificial intelligence to sort through “signals” information. Microsoft also investigates any threats found, and provides details regarding the “scope and method of entry” by an attacker.
There was no mention that Microsoft would fix software issues with this service. It seems to be an advisory service only.
The service offers proactive assistance to organizations, but exactly what’s meant by that term wasn’t described.
Microsoft Defender Experts for Hunting is sold by Microsoft’s sales teams. Pricing apparently isn’t published.
Microsoft Defender Experts for Hunting is yet another new Microsoft Defender product that was released this week. Others include Microsoft Defender Threat Intelligence and Microsoft Defender External Attack Surface Management, both of which also are commercially available as of this week.
About the Author
Kurt Mackie is senior news producer for 1105 Media’s Converge360 group.