This is the Trace Id: 3c1d161e6dee42ea857f3f95f40144a9
Skip to main content
Microsoft Security
Learn more

Microsoft Defender XDR

Elevate your security with unified visibility, investigation, and response across the cyberattack chain with an industry-leading extended detection and response (XDR) solution.
Start free trial Contact Sales
OVERVIEW

Supercharge your security operations center (SOC) with AI-driven XDR

Gain incident-level visibility across the cyberattack chain and empower your SOC team with automatic disruption and accelerated response to multi-domain threats.
  • Discover and help secure endpoint and network devices across your multiplatform enterprise.
    A person typing on a laptop.
  • Manage and secure hybrid identities and simplify employee, partner, and customer access.
    A woman in a suit holding a phone.
  • Modernize how you secure apps and generative AI systems, elevate your security posture, and defend against software as a service (SaaS)-based cyberattacks.
    A person sitting on a couch holding a tablet.
  • Protect your email and collaboration tools from advanced cyberthreats, such as phishing and business email compromise.
    A person typing on a laptop keyboard.
CAPABILITIES

Unify security with XDR

Anticipate and disrupt cyberattacks
Investigate emerging threats
Hunt for hidden risks
Transform SOC efficiency with AI
Streamline security operations

Stop cyberattacks early with automated disruption

Shield high-risk assets and stop attacks in real time with predictive insights and automated containment.
Learn more
Security dashboard shows compromised account with alerts, attack flow, and incident summary highlighting cyber threats.
Back to tabs
THE INTEGRATED SOC

Unified security operations

Anticipate and stop cyberattacks with an AI-driven defense that unifies prevention, detection, and response, all in Microsoft Defender.
Learn more
A screenshot of a computer screen displaying text about a human-operated ransomware attack.
A man looking at a computer screen.

Microsoft Defender for Endpoint

Deliver preventive protection, post-breach detection, automated investigation, and response for endpoints.
Learn more
A person sitting at a desk using a laptop with a screen displaying graphs and charts.

Microsoft Defender for Identity

Manage and secure hybrid identities and simplify employee, partner, and customer access.
Learn more
A close-up of a person's hand holding a device with a blue and white background.

Microsoft Defender for Office 365

Help secure your email, documents, and collaboration tools.
Learn more
A person wearing an orange shirt holding a cell phone.

Microsoft Defender for Cloud Apps

Get visibility, control data, and detect cyberthreats across cloud services and apps.
Learn more
A person sitting at a desk with a laptop and a visible computer screen.

Microsoft Defender for IoT

Get real-time asset discovery, vulnerability management, and cyberthreat protection for your Internet of Things (IoT) and operational technologies (OT) infrastructure.
Learn more
A man sitting at a desk with a computer screen visible.

Microsoft Security Exposure Management

Reduce risk and optimize your security posture with comprehensive visibility into your attack surface and exposure to cyberthreats.
Learn more
A close-up of a man's face with long hair and a beard.

Microsoft Defender Experts for XDR

Bolster your SOC with managed extended detection and response and our team of in-house experts.
Learn more
A woman pointing at a computer screen.

Microsoft Defender Experts for Hunting

Strengthen your security posture with experts who proactively hunt for threats at all hours.
Learn more
Back to RELATED PRODUCTS AND SERVICES section
Industry recognition

Microsoft Security is a recognized industry leader.

  • A leader in the Forrester XDR Wave

    Microsoft Defender is named a Leader in The Forrester Wave™: Extended Detection and Response (XDR) Platforms, Q2 2024.1, 2
    Read the blog

  • A Leader in the IDC MarketScape for XDR
     

    Microsoft has been named as a leader in the IDC Worldwide Extended Detection and Response Software 2025 Vendor Assessment.3
    Read the blog
A man wearing glasses is looking at a laptop.
Resource library

See what’s new in cyberthreat protection and AI

Discover the latest trends and best practices in cyberthreat protection and AI for cybersecurity with our library of webcasts, e-books, and analyst reports.
Sign up to access
CUSTOMER STORIES

What customers are saying

  1. G&J Pepsi-Cola Logo
  2. Equitable Bank Logo
  3. Campari Group Logo
  4. GBC Logo
A machine with green bottles.
G&J Pepsi-Cola Logo
“Having a strong security posture focused on protecting physical security and the security of devices, identities, and data is critical to company stability ….”
Eric McKinney, Enterprise Infrastructure Director, G&J Pepsi-Cola Bottlers
Hands typing on a laptop keyboard with abstract white line drawings in the background.
Equitable Bank Logo
“The difference we achieved in security after installing Microsoft 365 Defender and Microsoft Sentinel was very affirming for the team. ….”
Andrew Vezina, Vice President and Chief Information Security Officer, Equitable Bank
A person pouring liquid into a glass with a close-up of a bottle visible.
Campari Group Logo
“Our ability to detect and mitigate suspicious activity grows as we adopt more Microsoft Security solutions.”
Andrea Mazzetti, Global IT Manager, Cyber Security, Campari Group
A building with many windows.
GBC Logo
“Rebuilding enterprise-grade datacenters would have cost us $1.6 million. … For half the cost of datacenter refresh, we have better usability, scalability, and visibility.”
Neil Natic, Chief Information Officer, Georgia Banking Company
Back to Customer stories section
RESOURCES

Documentation and learning

  1.
A person pointing at a computer screen.
Infographic

Explore the Microsoft Defender XDR infographic

Get an overview of how XDR helps stop cyberattacks and coordinates responses across assets.
View the infographic
Two people in a meeting: man in red sweater smiles while speaking, woman with glasses listens attentively, both engaged.
Prerequisites

Understand your licensing plan options

Get an overview of all plans that include Microsoft Defender XDR capabilities.
Read the article
A man wearing glasses looking at a computer screen.
Blog

Learn from the Microsoft Defender XDR Blog

Try out best practices, get updates, and engage with product teams in the Defender XDR tech community.
Read the blog
Woman leans forward, smiling at a computer screen with two male colleagues in an office, showing focus and collaboration.
Technical guide

Pilot and evaluate Microsoft Defender XDR

Follow technical guidelines to start piloting Microsoft Defender XDR.
Read the guide
Back to Resources section

Frequently asked questions

  • Microsoft Defender XDR (formerly Microsoft 365 Defender) is an industry-leading XDR platform. It delivers a unified investigation and response experience and provides native protection across endpoints, IoT devices, hybrid identities, email and collaboration tools, and cloud applications with centralized visibility, powerful analytics, and automatic cyberattack disruption.

    Gain a broader set of protections with Microsoft Defender XDR, including email security as well as identity and access management as critical preventative solutions. Benefit from auto-healing capabilities for common issues and scale your security operations center (SOC) team with XDR-automated disruption to help protect against advanced cyberattacks more effectively, while safeguarding business continuity.
  • Microsoft Defender XDR is an XDR platform that provides security across your multiplatform endpoints, hybrid identities, email, collaboration tools, and cloud apps. It uses incident-level visibility across the cyberattack chain, automatic cyberattack disruption, and unified security and access management to accelerate responses to sophisticated cyberattacks. Microsoft Sentinel complements these capabilities with security and information event management (SIEM) and security orchestration, automation, and response (SOAR) to ingest logs from your entire digital estate—providing further automation, response, and cyberthreat tracking across systems.
  • Microsoft Defender XDR is the unified portal experience encompassing various security solutions. Access the Microsoft Defender XDR portal and XDR features with any of these licenses:
    • Microsoft 365 E5 or A5
    • Microsoft 365 E3
    • Microsoft 365 E3 with the Microsoft Enterprise Mobility + Security E5 add-on
    • Microsoft 365 A3 with the Microsoft 365 A5 security add-on
    • Microsoft Enterprise Mobility + Security E5 or A5
    • Microsoft Defender for Endpoint (Plans 1 and 2)
    • Microsoft Defender for Identity 
    • Microsoft Defender for Cloud Apps
    • Microsoft Defender for Office 365 (Plans 1 and 2)
    • Microsoft Defender Vulnerability Management
    For more information, see Microsoft 365 Enterprise service plans.
A person sitting at a desk with a computer.
Get started

Protect everything

Make your future more secure. Explore your security options today.
Contact Sales Start free trial
  1. [1]
    Forrester, Forrester New Wave, Forrester Wave, and The Total Economic Impact are trademarks of Forrester Research, Inc.
  2. [2]
    The Forrester Wave™: Extended Detection And Response (XDR) Platforms, Q2 2024, June 2024.

    Forrester does not endorse any company, product, brand, or service included in its research publications and does not advise any person to select the products or services of any company or brand based on the ratings included in such publications. Information is based on the best available resources. Opinions reflect judgment at the time and are subject to change. For more information, read about Forrester’s objectivity here.
  3. [3]
    IDC MarketScape: Worldwide Extended Detection and Response Software 2025 Vendor Assessment, IDC #US52997325e, September 2025.

Follow Microsoft Security