Key takeaways
- Microsoft 365 Defender introduces multi-tenant support for incident investigations and advanced threat hunting.
- It consolidates incident views, device inventory, and vulnerability management, eliminating the need to switch between accounts.
- This feature streamlines security operations, making it easier for IT professionals to track and respond to emerging threats across multiple tenants.
Microsoft has introduced multi-tenant support in public preview for Microsoft 365 Defender. This feature simplifies the lives of IT pros by providing a unified view for investigating incidents and conducting advanced threat hunting across multiple tenants.
Microsoft 365 Defender is a security solution that allows IT Pros to protect data across Microsoft 365 environments. The service provides various security tools to enhance protection against phishing attacks, malware, data breaches, and other threats.
“This addition marks the first wave of improvements, with a focus on global SOC investigation flows, including a consolidated view of incidents across tenants, device inventory, vulnerability management, the ability to perform advanced hunting across data in multiple tenants, and more,” Microsoft explained.
Microsoft detailed several key features of multi-tenant management in Microsoft 365 Defender. The feature provides all the details that security teams need to investigate incidents across multiple tenants. It eliminates the need for constant switching between different accounts.
The multi-tenant support feature is also designed to streamline the threat-hunting process. The feature enables security teams to proactively look for security threats with Microsoft 365 Defender’s advanced hunting capabilities.
Lastly, the new multi-tenant management experience makes it easier for partners to gain insights about security incidents, alerts, as well as threat hunting across multiple organizations. Meanwhile, Microsoft recommends small and medium businesses to continue using Microsoft 365 Lighthouse.
How to set up multi-tenant management in Microsoft 365 Defender
To set up multi-tenant management, IT admins will need to configure tenants to view and manage security data in Microsoft 365 Defender.
- Sign in to multi-tenant management in Microsoft 365 Defender and select Add tenants.
- Select the specific tenant to manage and then click the Add button.
- Finally, IT admins will see the multi-tenant management features on the navigation bar.
Microsoft notes that managing multi-tenant environments could be a challenging task for administrators. The new capability should help to reduce the time and effort that was previously required to track emerging security threats. It also helps organizations to boost their security operations and stay ahead of modern security threats.