Microsoft’s 365 E5 Security License: Making the Most of Defender

Microsoft’s 365 E5 Security License: Making the Most of Defender

If you're a cybersecurity decision-maker, the Microsoft 365 E5 Security license offers you great opportunities to stretch your budget while optimizing your cyber defenses.

But the Defender functionality bundled into your E5 license is just one piece of your overall cyberdefense strategy. To make the most of that bundled functionality, you must still:

  • Fully leverage the functionality Defender provides
  • Close all gaps in Defender's coverage of your environment
  • Optimize the effectiveness of your cyberdefenses beyond Defender
  • Minimize the burdens on your internal security staff and/or outsourced SOC
  • Exercise rigorous budget discipline so that you get maximum value from your security spend

Here are three insights to help you achieve these critical security objectives.

INSIGHT #1: What you get with your E5 Security license

Microsoft bundles four separate Defender solutions with the E5 license:

  • Microsoft Defender for Endpoint is an endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats.
  • Microsoft Defender for Cloud Apps is a cloud access security broker (CASB) for Azure and third-party cloud services.
  • Microsoft Defender for Identity (formerly Azure Advanced Threat Protection) monitors and protects your Active Directory deployment.
  • Microsoft Defender for Office 365 builds on Exchange Online Protection to help you guard your organization against phishing, business email compromise (BEC), and other threats.

These four solutions are invaluable as part of your broader cyberdefense strategy. And since they're bundled with your Microsoft 365 E5 security license, the price is certainly right.

INSIGHT #2: What you don't get with your E5 license

While E5-bundled Defender solutions deliver great value, we see organizations struggle to integrate their non-Microsoft environments and solutions (including third-party systems and cloud vendors, network security, Operational Technology (OT), Secure Access Service Edge (SASE), and more) to achieve a centralized holistic view of their total attack surface.

In fact, about 60% of the Microsoft customers we work with use at least one non-Microsoft EDR in addition to the Defender instance bundled with their E5 license.

Also, Defender doesn't aggregate telemetry and alerts from across your organization. And because it doesn't aggregate that data, it can't holistically analyze it.

That's a problem, because to successfully detect, investigate, and respond to today's increasingly sophisticated and subtle threats, you must be able to holistically analyze all data from across your entire environment.

These two issues — gaps in coverage and the inability to analyze aggregated security data — are most relevant to your E5 license challenge.

INSIGHT #3:MDR is the smart play for most organizations

If you're looking to complement your E5-bundled Defender functionality, a Managed Detection and Response (MDR) solution offers a superior way to extend the value of Microsoft E5 with 24x7 monitoring — preferably an MDR solution built on top of a true XDR platform. That's because:

  • MDR adds a managed layer of service that not only monitors threats from Microsoft endpoint, cloud, email, and network sources, but across the entire IT landscape.
  • MDR provides out-of-the-box detection that greatly simplifies deployment and significantly improves your team's ability to quickly detect threat actors in your environment.
  • MDR detection is continuously fine-tuned to suppress false positives and trivial alerts.
  • MDR solutions bundle playbooks and automated response actions — enhancing your response capabilities without costing you additional budget.
  • MDR offers continuous threat hunting, always looking for the most critical threats in your Microsoft environment and beyond. MDR, if offering predictable pricing, will license on a per-node basis with a full team of experienced security analysts — making it more cost-effective and cost-stable for most organizations compared to doing it internally or with a traditional volume-based SIEM solution.

For these reasons and others, you should strongly consider investing in an MDR offering to optimally leverage your Microsoft E5 security bundle.

Secureworks® Taegis™ ManagedXDR, is the Secureworks MDR solution that is the best fit for Microsoft E5 security customers

As you evaluate MDR solutions to complement the four Defender solutions you're getting with your Microsoft E5 license, make sure you include Secureworks on your short list. Key reasons for doing so include:

  • ManagedXDR is an MDR solution built on the Taegis XDR platform. Taegis analytics are continually updated based on Secureworks' globally acclaimed threat intelligence unit — ensuring that Taegis detectors keep pace with the relentlessly evolving threats you face every day.
  • The Taegis XDR platform leverages both Defender telemetry and Defender's own built-in alerting functions — so you gain the full value of your E5 license bundle.
  • Secureworks and Microsoft integrations, along with the depth of Microsoft services, are uniquely more advanced, effective and efficient compared to others.
  • ManagedXDR is operated with a global, experienced Security Operations Center (SOC) that offers the 24x7 monitoring service on top of Taegis.
  • Secureworks offers complementary adversarial testing services that enable you to discover potentially problematic shortfalls in your security stance across both your Microsoft and non-Microsoft assets. This can range from suboptimal Active Directory configurations to inappropriate use of shared passwords for privileged admin accounts — but regardless of the security pitfalls hiding in your systems, it's better to find them now with Secureworks than later with a real threat actor.
  • Secureworks has a decades-long relationship with Microsoft that includes mutual notification of emerging security issues and numerous MCPs Microsoft Certified Professionals on Secureworks team.

The bottom line: If you're a cybersecurity decision-maker whose organization has bought into Microsoft's E5 licensing program, you owe it to yourself to evaluate Secureworks Taegis ManagedXDR — and to learn about all the ways Secureworks MDR can help you achieve optimum safety within your constraints of budget and staff.

Request a demo today to see how you can maximize your E5 Defender license. You can also hear principal engineer Stefan Oancea clearly explain Secureworks' advantages by taking a quick listen to the “Let's Talk SOC' podcast with host Sally Eaves.

Back to all Blogs

Talk with an Expert

Thank you for submitting the form! We have received your request. A Secureworks team member will contact you within one business day.