Microsoft announced three security services that it says are a response to the ongoing shortage of cyber talent — including a consulting service aimed at enterprises and a managed offering in the fast-growing area of extended detection and response (XDR).
Rob Lefferts, corporate vice president for Microsoft 365 Security, said that the need for more services from Microsoft to augment shorthanded security teams is the No. 1 topic he hears about from chief information security officers. "People really want help," Lefferts said in an interview with Protocol.
That prompted the launch of the new suite of services, dubbed Microsoft Security Experts. With the exception of a few enterprises that run the "biggest and best" security operations centers in the world, Lefferts said he believes customers are currently looking for the type of security assistance that these services seek to offer.
The new services include Microsoft Defender Experts for XDR, which is the first managed version of Microsoft 365 Defender, the company's XDR platform, according to Lefferts.
An emerging product area within cybersecurity — Gartner expects 40% of organizations to use XDR by 2027, up from 5% in 2021 — XDR systems correlate data from numerous security tools and environments, in an attempt to provide enhanced threat detection.
Microsoft's managed XDR offering will let customers offload the remediation and investigation work that follows detection, and it's meant for companies of all sizes. The service is a recognition of the fact that businesses increasingly need help with fixing their security issues, not just the ability to find them, Lefferts said.
A second new service, Microsoft Security Services for Enterprise, is targeted at companies that are seeking a consulting engagement around the security issues they're facing.
This could include an analysis of the current state of the company's security posture, offloading of security operations responsibilities or incident response after a breach to ensure that an attacker has been fully evicted and the attack has been remediated, Lefferts said.
The third new service, Microsoft Defender Experts for Hunting, provides hunting for threats in a customer's Microsoft Defender data. The service aims to uncover threats across a customer's endpoints, identities and cloud applications as well as threats found in Office 365 documents, emails and collaboration.
Microsoft Security Services for Enterprise is available now, while Microsoft Defender Experts for Hunting is now in a preview, with plans for general availability in the fall. Microsoft Defender Experts for XDR will enter a preview in the fall.