Introduction

Completed

Microsoft Defender XDR is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.

With the integrated Microsoft Defender XDR solution, security professionals can coordinate the threat signals that each of these products receive and determine the full scope and impact of the threat. How the threat entered the environment, what it's affecting, and how it's currently impacting the organization.

You're a Security Operations Analyst working at a company that implemented Microsoft Defender XDR solutions, including Defender for Endpoint, Defender for Identity, and Microsoft Defender for Cloud Apps.

You need to see related alerts across all the solutions as one incident to see the incident's full impact and do a root cause investigation. The Microsoft Defender portal is a unified view of incidents and actions taken.