Microsoft Defender for Cloud

Formerly Azure Security Center

With the help of Microsoft Defender for Cloud, we were able to reduce a huge number of alerts related to threats. It knows which are threats and which are not threats, so we can say at least we have reduced 50% of threat alerts. It is recommended to use it and customize the setting as per requirement.

Yes It has helped to reduce the threat alerts. We mostly received alerts for SQL Vulnerability and Storage Account notifications. It helped us to create guidelines to help us protect any malicious attacks. We have been able to reduce the alerts by 70% as per the recommendations provided.

Microsoft Defender for Cloud when used with Microsoft Defender 365 (eXtended Detection and Response) and sentinel . you can automate your response and minimize the effort of your SOC team.

Yes, it has. The number of security alerts are directly proportional to the number of insecure configurations of resources within the environment. By flagging those misconfigurations in great detail along with the required remediation steps, we were able to make our resources more secure and less prone to cyberattacks as before. Wildly speaking, we were able to cut down almost 40% security alerts in the past 6 months.

The CSPM feature really lowers the number of alerts and incidents in Sentinel. Often misconfigurations make that certain incidents will happen and have to looked in to. Now we look at the posture beforehand and try to mitigate a risk before an incident will happne. We do not have exact numbers, but a bad configured azure portal can create quite some noise in the SOC, we can easily lower the number of incidents by 10%

Yes, Microsoft Defender for Cloud helps us a lot in reducing the number of threat alerts.

It helps in reducing the threat alerts via automate response actions for certain types of threats, such as isolating a compromised virtual machine or blocking a malicious IP address. This reduces the need for manual intervention and minimizes alert fatigue.

Almost it helps us in cut down the threat alerts related to critical and vulnerable to outside attacks.

In general OOB tool generates quite few alerts and requires manual tuning based on the environment to reduce false positive load. Out of all generated alerts only minority are true positives. But after tuning out benign activity tool does provide some good insights.

It can assist in lowering the volume of threat notifications using Microsoft Defender for Cloud. It accomplishes this by identifying and removing false positives using machine learning. False positive alerts are those that the system generates but aren't truly brought on by a threat. Defender for Cloud's false positive filter can assist you in concentrating on the actual danger.

The platform's threat detection capabilities are strong, making it suitable for organizations needing advanced threat intelligence and incident response. I'm not sure of the exact percentage, but it was helpful.

The number of threat alerts initially increased which is the case with any alerting tool but after fine-tuning the detection, we have lesser and more impactful alerts which actually need triaging and dive-deep analysis.

Microsoft Defender for Cloud does help reduce the number of threat alerts by a significant amount. Keep in mind, that this is just basic protection, but if that is all you need it for - it's the way to go!

I would say this has cut down the number of threat alerts initially by 20% plus and also contributing to this is the scan feature so you can catch configuration errors before they become an issue.

By doing remediations it has greatly reduced threat alerts from occurring. It's hard to estimate percentages but I would say a 35% reduction in alerts.