Last updated at Fri, 22 Nov 2024 21:17:56 GMT

In today’s complex threat landscape, organizations need every advantage at their disposal to stay secure, starting with maximizing the tools they already have within their ecosystem. With the launch of Rapid7 MXDR’s SOC support for key Microsoft security products, we’re making it possible for organizations to layer security defenses and amplify outcomes by combining their existing Microsoft telemetry with the 24x7 coverage, broad security ecosystem telemetry and in-depth expertise of Rapid7’s MXDR service.

By connecting directly to key Microsoft event sources—like Microsoft O365, Defender for Cloud, Defender for Endpoint, Defender for Vulnerability Management, Defender for Identity, and Entra Identity—MXDR amplifies detection, visibility, and response capabilities across the technology you rely on, without needing additional infrastructure or complex setups. From uncovering hidden threats to responding to incidents faster, this integration leverages Microsoft’s event data to help security teams achieve 24x7 comprehensive Microsoft coverage throughout their tool stack.

Organizations of every size can now harness the best of both worlds: the familiarity and depth of their Microsoft environment and the advanced detection, correlation, automation, and forensic response capabilities of Rapid7’s MXDR service.

Importance of Microsoft Event Sources in Today’s Threat Landscape

Microsoft tools are foundational in many organizations’ tech stacks and help teams collect security-critical data that can enhance threat detection and incident response. Without an integrated technology stack and 24x7 SOC triage, investigation, and response coverage across the Microsoft tools that teams already rely on, normalizing inputs and pinpointing real signs of attacker behavior can be nearly impossible for teams of all sizes.

By supporting Microsoft event sources as a layer on top of native telemetry provided through the Rapid7 Detection Engine, we’re making it easier for security teams to correlate data across their environment from key areas in their Microsoft toolset.

Teams can now customize their Rapid7 MXDR support to cover triage, investigation, and response to threats across key Microsoft Security tools, including:

  • Microsoft Entra Identity Protection
  • Microsoft Defender for Identity
  • Microsoft Defender for Cloud
  • Microsoft Defender for Endpoint
  • Microsoft Defender for O365
  • Microsoft Defender for Vulnerability Management

By incorporating support for Microsoft security tools, Rapid7 MXDR maximizes your existing Microsoft investment, helping your security team stay agile and resilient in the face of an ever-evolving threat landscape.

Maintaining our Commitment to Securing Your Attack Surface

We’re on a mission for our MDR service to bring unified visibility to the attack surface and comprehensive defense capabilities to your security program. By extending 24x7 expert SOC coverage to Microsoft Security tools, we’re bringing:

  • Customization through integrating the tools you already rely on with Rapid7’s native telemetry to create a tailored service that layers alert data and accelerates response.
  • Visibility from both native and existing tool telemetry, to eliminate blind spots and respond rapidly to abnormal and malicious activity across your entire attack surface.
  • Broader response capabilities by extending the insights for the Rapid7 SOC to respond to and contain malicious behavior before it can cause harm to your environment, business, and brand.

Getting Started

As we extend our MXDR service with more comprehensive coverage to meet security teams where they are, we’re excited to partner with you to secure your extended ecosystem. If you’re a Rapid7 MDR customer, reach out to your account team to learn more about our extended coverage. If you’re not a Rapid7 MDR customer yet, request a demo here.