Microsoft this week rolled out its new Microsoft Defender Experts for Hunting program aimed to support companies and their cybersecurity employees with proactive threat hunting.
In a blog post, Microsoft said the new program was developed for companies that have a strong security operations center, but want Microsoft to them hunt threats using Microsoft Defender data.
The threat hunting service aims to go beyond the endpoint to hunt across Microsoft Office 365, cloud applications and identities. The support teams offers threat hunting and analysis, threat notifications, access to experts, and extensive reports.
Depending on the pricing structure, this could really help SMBs with neither the time nor expertise to continuously hunt threats within their environments, said Andrew Hay, chief operating officer at LARES Consulting.
“We could also see this as Microsoft's foray into competing head-to-head with EDR competitors like Palo Alto Networks, CrowdStrike, Mandiant, and VMware Carbon Black and their respective threat hunting services,” Hay said.