When considering the Microsoft suite of products, most people have heard the name Defender. It’s been around since 2005, giving it a lifespan of almost 20 years.
But what Defender represents has changed considerably since then – and not everybody knows it well in its latest iteration.
We explore the history of Microsoft Defender to understand how it’s evolved to offer industry-leading security for businesses.
The origins of Microsoft Defender
The name ‘Defender’ was first used with Windows Defender, in itself a redevelopment of Microsoft AntiSpyware back in the days of Windows XP. Even this was actually just a rebrand of GIANT AntiSpyware, acquired by Microsoft in 2004.
To begin with, Defender was purely an anti-spyware platform and was not a complete security solution for threats, even at that time.
However, Defender has been through a number of redevelopments and improvements over the last 20 years.
For many, the name still just represents a simple, free antivirus application that’s bundled with Windows rather than a comprehensive security solution. But after years of evolution, this is no longer the case.
Why Microsoft Defender needed to adapt
Since the birth of Defender, the types of threats that devices need to be protected from have evolved.
In the early noughties it was anarchic viruses with a simple aim to destroy.
Spyware came next as criminals started to see opportunities to cash in, then an array of others started to follow. Today, ransomware is the most commonly discussed and most damaging type for businesses.
As we enter the era of AI, we’re likely to see threats evolve further, with more attempts at social engineering and increased frequency of attacks.
The progression of cyber attacks has meant anti-virus solutions have needed to evolve, cover a broader range of threats and offer much more rounded protection.
We see this in the rise of ‘endpoint protection’ solutions that offer detection and response capabilities. This is different to traditional anti-virus or anti-malware solutions that scan files either periodically or when they’re accessed.
With endpoint solutions, behaviour monitoring looks for actions that may seem benign but follow patterns that suggest potential malicious activity. This might include the action of encrypting files or a PC sending out certain types of network traffic.
Microsoft are now market leaders in endpoint protection
Big players in the endpoint protection space offer Endpoint Detection and Response (EDR), in solutions like Sophos, BitDefender, McAfee and so on. But these capabilities usually come at premium cost over and above their standard offering.
Defender for Business now offers all of these as standard, and believe it or not, is one of the best solutions available.
It’s pretty amazing to see just how far ahead of the competition Microsoft are when it comes to endpoint protection. When you consider that the core competition Microsoft is benchmarked against are security specialists who exclusively work in cyber security, it highlights the significant investment Microsoft are placing into endpoint protection. This has been driven into their security solutions, and particularly Microsoft Defender for Business.
They were even named a leader in endpoint protection in 2021.
Today, Defender represents a whole suite of security solutions across the Microsoft Cloud. Its capabilities are also greatly enhanced, making it an ideal solution for businesses of different shapes and sizes.
What is Microsoft Defender for Business?
Microsoft Defender for Business offers enterprise-level endpoint protection, with a simple configuration process and an easy-to-use interface. This makes it suitable for even small organisations. It provides many capabilities, including:
Threat and vulnerability management
Through a simple dashboard, threats and vulnerabilities detected within your organisation can be seen and addressed in real time.
Attack surface reduction
The attack surface represents the number of different areas where a device could be attacked. Reducing these better protects devices and networks by providing fewer potential routes in.
By blocking certain actions, such as scripts that attempt to download or run files, threats can be prevented before they have the opportunity to embed.
Next generation protection
Real-time, cloud-delivered protection detects and prevents malware from running on devices. Network protection helps block phishing scams and dangerous website/web content.
In addition, the block at first sight feature kills malware processes within seconds.
Endpoint Detection and Response
Defender for Business continually monitors behaviours through telemetry. This goes deep into each device, looking for suspicious activities and identifying where a complex threat may be present. When something is found, the response capabilities provide options for rapidly responding to and resolving the threat.
Licensing options for Microsoft Defender
Defender for Business is included in Microsoft’s Business Premium license – the essential go-to for organisations with fewer than 300 users.
If you’re using Business Standard, take the time to re-evaluate what you’re missing out on and the risk it leaves you facing.
The world of cyber security has changed so much in the last decade. Microsoft have upped their game so that you can too. By investing now, you’ll protect yourself from the new wave of cyber threats.