This is the Trace Id: c4a1e33379aa64b4a99aa8529262c911
Skip to main content Why Microsoft Security AI-powered cybersecurity Cloud security Data security & governance Identity & network access Privacy & risk management Security for AI Unified SecOps Zero Trust Microsoft Defender Microsoft Entra Microsoft Intune Microsoft Priva Microsoft Purview Microsoft Sentinel Microsoft Security Copilot Microsoft Entra ID (Azure Active Directory) Microsoft Entra Agent ID Microsoft Entra External ID Microsoft Entra ID Governance Microsoft Entra ID Protection Microsoft Entra Internet Access Microsoft Entra Private Access Microsoft Entra Permissions Management Microsoft Entra Verified ID Microsoft Entra Workload ID Microsoft Entra Domain Services Azure Key Vault Microsoft Sentinel Microsoft Defender for Cloud Microsoft Defender XDR Microsoft Defender for Endpoint Microsoft Defender for Office 365 Microsoft Defender for Identity Microsoft Defender for Cloud Apps Microsoft Security Exposure Management Microsoft Defender Vulnerability Management Microsoft Defender Threat Intelligence Microsoft Defender Suite for Business Premium Microsoft Defender for Cloud Microsoft Defender Cloud Security Posture Mgmt Microsoft Defender External Attack Surface Management Azure Firewall Azure Web App Firewall Azure DDoS Protection GitHub Advanced Security Microsoft Defender for Endpoint Microsoft Defender XDR Microsoft Defender for Business Microsoft Intune core capabilities Microsoft Defender for IoT Microsoft Defender Vulnerability Management Microsoft Intune Advanced Analytics Microsoft Intune Endpoint Privilege Management Microsoft Intune Enterprise Application Management Microsoft Intune Remote Help Microsoft Cloud PKI Microsoft Purview Communication Compliance Microsoft Purview Compliance Manager Microsoft Purview Data Lifecycle Management Microsoft Purview eDiscovery Microsoft Purview Audit Microsoft Priva Risk Management Microsoft Priva Subject Rights Requests Microsoft Purview Data Governance Microsoft Purview Suite for Business Premium Microsoft Purview data security capabilities Pricing Services Partners Cybersecurity awareness Customer stories Security 101 Product trials How we protect Microsoft Industry recognition Microsoft Security Insider Microsoft Digital Defense Report Security Response Center Microsoft Security Blog Microsoft Security Events Microsoft Tech Community Documentation Technical Content Library Training & certifications Compliance Program for Microsoft Cloud Microsoft Trust Center Security Engineering Portal Service Trust Portal Microsoft Secure Future Initiative Business Solutions Hub Contact Sales Start free trial Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Teams Windows 365 Microsoft AI Azure Space Mixed reality Microsoft HoloLens Microsoft Viva Quantum computing Sustainability Education Automotive Financial services Government Healthcare Manufacturing Retail Find a partner Become a partner Partner Network Microsoft Marketplace Marketplace Rewards Software development companies Blog Microsoft Advertising Developer Center Documentation Events Licensing Microsoft Learn Microsoft Research View Sitemap
Learn more
Image

Microsoft Defender XDR

Elevate your security with unified visibility, investigation, and response across the cyberattack chain with an industry-leading extended detection and response (XDR) solution.
Start free trial Contact Sales
A person sitting at a desk using a computer with a coworker sitting beside
OVERVIEW

Supercharge your security operations center (SOC) with AI-driven XDR

Gain incident-level visibility across the cyberattack chain and empower your SOC team with automatic disruption and accelerated response to multi-domain threats.
  • Discover and help secure endpoint and network devices across your multiplatform enterprise.
    A person typing on a laptop.
  • Manage and secure hybrid identities and simplify employee, partner, and customer access.
    A woman in a suit holding a phone.
  • Modernize how you secure apps and generative AI systems, elevate your security posture, and defend against software as a service (SaaS)-based cyberattacks.
    A person sitting on a couch holding a tablet.
  • Protect your email and collaboration tools from advanced cyberthreats, such as phishing and business email compromise.
    A person typing on a laptop keyboard.
Image
CAPABILITIES

Unify security with XDR

Anticipate and disrupt cyberattacks
Investigate emerging threats
Hunt for hidden risks
Transform SOC efficiency with AI
Streamline security operations

Stop cyberattacks early with automated disruption

Shield high-risk assets and stop attacks in real time with predictive insights and automated containment.
Learn more
Security dashboard shows compromised account with alerts, attack flow, and incident summary highlighting cyber threats.
Back to tabs
THE INTEGRATED SOC

Unified security operations

Anticipate and stop cyberattacks with an AI-driven defense that unifies prevention, detection, and response, all in Microsoft Defender.
Learn more
A screenshot of a computer screen displaying text about a human-operated ransomware attack.
A man looking at a computer screen.

Microsoft Defender for Endpoint

Deliver preventive protection, post-breach detection, automated investigation, and response for endpoints.
Learn more
A person sitting at a desk using a laptop with a screen displaying graphs and charts.

Microsoft Defender for Identity

Manage and secure hybrid identities and simplify employee, partner, and customer access.
Learn more
A close-up of a person's hand holding a device with a blue and white background.

Microsoft Defender for Office 365

Help secure your email, documents, and collaboration tools.
Learn more
A person wearing an orange shirt holding a cell phone.

Microsoft Defender for Cloud Apps

Get visibility, control data, and detect cyberthreats across cloud services and apps.
Learn more
A person sitting at a desk with a laptop and a visible computer screen.

Microsoft Defender for IoT

Get real-time asset discovery, vulnerability management, and cyberthreat protection for your Internet of Things (IoT) and operational technologies (OT) infrastructure.
Learn more
A man sitting at a desk with a computer screen visible.

Microsoft Security Exposure Management

Reduce risk and optimize your security posture with comprehensive visibility into your attack surface and exposure to cyberthreats.
Learn more
A close-up of a man's face with long hair and a beard.

Microsoft Defender Experts for XDR

Bolster your SOC with managed extended detection and response and our team of in-house experts.
Learn more
A woman pointing at a computer screen.

Microsoft Defender Experts for Hunting

Strengthen your security posture with experts who proactively hunt for threats at all hours.
Learn more
Back to RELATED PRODUCTS AND SERVICES section
Industry recognition

Microsoft Security is a recognized industry leader.

  • A leader in the Forrester XDR Wave

    Microsoft Defender is named a Leader in The Forrester Wave™: Extended Detection and Response (XDR) Platforms, Q2 2024.1, 2
    Read the blog

  • A Leader in the IDC MarketScape for XDR
     

    Microsoft has been named as a leader in the IDC Worldwide Extended Detection and Response Software 2025 Vendor Assessment.3
    Read the blog
CUSTOMER STORIES

What customers are saying

  1. G&J Pepsi-Cola Logo
  2. Equitable Bank Logo
  3. Campari Group Logo
  4. GBC Logo
A machine with green bottles.
G&J Pepsi-Cola Logo
“Having a strong security posture focused on protecting physical security and the security of devices, identities, and data is critical to company stability ….”
Eric McKinney, Enterprise Infrastructure Director, G&J Pepsi-Cola Bottlers
Hands typing on a laptop keyboard with abstract white line drawings in the background.
Equitable Bank Logo
“The difference we achieved in security after installing Microsoft 365 Defender and Microsoft Sentinel was very affirming for the team. ….”
Andrew Vezina, Vice President and Chief Information Security Officer, Equitable Bank
A person pouring liquid into a glass with a close-up of a bottle visible.
Campari Group Logo
“Our ability to detect and mitigate suspicious activity grows as we adopt more Microsoft Security solutions.”
Andrea Mazzetti, Global IT Manager, Cyber Security, Campari Group
A building with many windows.
GBC Logo
“Rebuilding enterprise-grade datacenters would have cost us $1.6 million. … For half the cost of datacenter refresh, we have better usability, scalability, and visibility.”
Neil Natic, Chief Information Officer, Georgia Banking Company
Back to Customer stories section
Image
RESOURCES

Documentation and learning

  1.
Image
Resource library

See what’s new in cyberthreat protection and AI

Discover the latest trends and best practices in cyberthreat protection and AI for cybersecurity with our library of webcasts, e-books, and analyst reports.
Sign up to access
A person pointing at a computer screen.
Infographic

Explore the Microsoft Defender XDR infographic

Get an overview of how XDR helps stop cyberattacks and coordinates responses across assets.
View the infographic
Two people in a meeting: man in red sweater smiles while speaking, woman with glasses listens attentively, both engaged.
Prerequisites

Understand your licensing plan options

Get an overview of all plans that include Microsoft Defender XDR capabilities.
Read the article
A man wearing glasses looking at a computer screen.
Blog

Learn from the Microsoft Defender XDR Blog

Try out best practices, get updates, and engage with product teams in the Defender XDR tech community.
Read the blog
Woman leans forward, smiling at a computer screen with two male colleagues in an office, showing focus and collaboration.
Technical guide

Pilot and evaluate Microsoft Defender XDR

Follow technical guidelines to start piloting Microsoft Defender XDR.
Read the guide
Back to Resources section

Frequently asked questions

  • Microsoft Defender XDR (formerly Microsoft 365 Defender) is an industry-leading XDR platform. It delivers a unified investigation and response experience and provides native protection across endpoints, IoT devices, hybrid identities, email and collaboration tools, and cloud applications with centralized visibility, powerful analytics, and automatic cyberattack disruption.

    Gain a broader set of protections with Microsoft Defender XDR, including email security as well as identity and access management as critical preventative solutions. Benefit from auto-healing capabilities for common issues and scale your security operations center (SOC) team with XDR-automated disruption to help protect against advanced cyberattacks more effectively, while safeguarding business continuity.
  • Microsoft Defender XDR is an XDR platform that provides security across your multiplatform endpoints, hybrid identities, email, collaboration tools, and cloud apps. It uses incident-level visibility across the cyberattack chain, automatic cyberattack disruption, and unified security and access management to accelerate responses to sophisticated cyberattacks. Microsoft Sentinel complements these capabilities with security and information event management (SIEM) and security orchestration, automation, and response (SOAR) to ingest logs from your entire digital estate—providing further automation, response, and cyberthreat tracking across systems.
  • Microsoft Defender XDR is the unified portal experience encompassing various security solutions. Access the Microsoft Defender XDR portal and XDR features with any of these licenses:
    • Microsoft 365 E5 or A5
    • Microsoft 365 E3
    • Microsoft 365 E3 with the Microsoft Enterprise Mobility + Security E5 add-on
    • Microsoft 365 A3 with the Microsoft 365 A5 security add-on
    • Microsoft Enterprise Mobility + Security E5 or A5
    • Microsoft Defender for Endpoint (Plans 1 and 2)
    • Microsoft Defender for Identity 
    • Microsoft Defender for Cloud Apps
    • Microsoft Defender for Office 365 (Plans 1 and 2)
    • Microsoft Defender Vulnerability Management
    For more information, see Microsoft 365 Enterprise service plans.
Image
A person sitting at a desk with a computer.
Get started

Protect everything

Make your future more secure. Explore your security options today.
Contact Sales Start free trial
  1. [1]
    Forrester, Forrester New Wave, Forrester Wave, and The Total Economic Impact are trademarks of Forrester Research, Inc.
  2. [2]
    The Forrester Wave™: Extended Detection And Response (XDR) Platforms, Q2 2024, June 2024.

    Forrester does not endorse any company, product, brand, or service included in its research publications and does not advise any person to select the products or services of any company or brand based on the ratings included in such publications. Information is based on the best available resources. Opinions reflect judgment at the time and are subject to change. For more information, read about Forrester’s objectivity here.
  3. [3]
    IDC MarketScape: Worldwide Extended Detection and Response Software 2025 Vendor Assessment, IDC #US52997325e, September 2025.

Follow Microsoft Security

Surface Pro Surface Laptop Surface Laptop Studio 2 Copilot for organizations Copilot for personal use AI in Windows Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store support Returns Order tracking Certified Refurbished Microsoft Store Promise Flexible Payments Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education How to buy for your school Educator training and development Deals for students and parents AI for education
Microsoft AI Microsoft Security Dynamics 365 Microsoft 365 Microsoft Power Platform Microsoft Teams Microsoft 365 Copilot Small Business Azure Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Marketplace Rewards Visual Studio Careers About Microsoft Company news Privacy at Microsoft Investors Diversity and inclusion Accessibility Sustainability
English (United States) Consumer Health Privacy Sitemap Contact Microsoft Privacy Manage cookies Terms of use Trademarks Safety & eco Recycling About our ads