Azure Security

Microsoft 365 Defender

Users and Device health/security
Accessible from https://security.microsoft.com
Allows creation/customization of policies to send email alerts
Min. license requirements for FULL SUITE (https://docs.microsoft.com/en-us/microsoft-365/security/defender/prerequisites?view=o365-worldwide#licensing-requirements)
Secure Score & Improvements available for any license tier (it seems)
Not available through Partner DAP – Requires logging in as Global Admin or Security Admin

Microsoft 365 Lighthouse

User and device health/security
Accessible from https://lighthouse.microsoft.com
Still in Preview
Currently limited baseline options and improvements
Client license requirements: M365 Business Premium or M365 E3 ONLY (Yes… if they have higher, it doesn’t work… yet)
Friendly MSP console & utilizes partner centre relationships

Microsoft Defender for Cloud

@Dennis – Can I get approval to run the free 30-day trial? This will let us get a better idea as to what’s available under the hood here.

Targets security of resources within Azure Subscriptions (VMs, storage accounts, etc)
It’s an app within the Azure Portal

There is no “One place to check” kind of thing & the available information will vary depending on the licenses purchased by the client.

What can be easily included for any M365 customer through the free tier of Microsoft Defender 365 and/or Lighthouse

Current “Risky Users”
- Risky Sign in behaviour
- User accounts with no MFA registrations
Current default MFA stance (Conditional Access, MS Security Defaults)
Device Compliance (assuming Microsoft Endpoint Manager (Intune) is in play)
Current Security Posture Score and Improvements

With M365 E5 (or equivalent) licensing:

(No Ratings Yet)