{"id":4956,"date":"2025-07-26T23:31:13","date_gmt":"2025-07-26T23:31:13","guid":{"rendered":"https:\/\/techtrendfeed.com\/?p=4956"},"modified":"2025-07-26T23:31:14","modified_gmt":"2025-07-26T23:31:14","slug":"maximize-your-microsoft-365-safety-with-sophos-mdr-sophos-information","status":"publish","type":"post","link":"https:\/\/techtrendfeed.com\/?p=4956","title":{"rendered":"Maximize your Microsoft 365 security with Sophos MDR \u2013 Sophos News"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p class=\"text-md mb-4\" data-id=\"v98IqMLuh65hbm0JMkXj\" data-pm-slice=\"0 0 []\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">Sophos MDR is the world\u2019s most trusted MDR service, with a whole bunch of cybersecurity consultants offering 24-7 monitoring, prevention, detection, and response to more than 30,000 organizations worldwide.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"i5ZXzjIknxU8apV6urEV\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">While Sophos MDR leverages telemetry from across our customers\u2019 environments to detect and neutralize threats, one of the most important benefits \u2013 and a key differentiator of the Sophos MDR service \u2013 is our deep integration with Microsoft 365 for all customers, whatever Microsoft license they\u2019re using.<\/span><\/p>\n<div class=\"jeg_video_container jeg_video_content\"><iframe loading=\"lazy\" title=\"Sophos MDR and Microsoft: Beyond &quot;Better Together&quot;\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/nozK_oED-Hk?feature=oembed\" frameborder=\"0\" 
allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe><\/div>\n<p class=\"text-md mb-4\" data-id=\"bBOudeYCGuuZBPd3Y8SX\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">This allows us to see and stop more threats faster, while increasing customers\u2019 return on their Microsoft investments.<\/span><\/p>\n<h2 data-id=\"FnxuOUaRU2lDOTZhpxbI\">A tale of two APIs: Graph Security vs. Management Activity<\/h2>\n<p class=\"text-md mb-4\" data-id=\"FnxuOUaRU2lDOTZhpxbI\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">Many MDR providers rely heavily on Microsoft\u2019s Graph Security API, which provides strong detection value \u2013 but only for customers who&#8217;ve invested in a premium E5 license.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"3TVtCGqznRzwEcQC1Ybv\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">For the vast majority of customers using other Microsoft 365 licenses \u2013 such as Business Basic, Standard, and even Premium licenses \u2013 the Graph Security API provides minimal telemetry.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"mIwfOfx0oiyI4ECR3xyf\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" 
data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">At Sophos, we take the distinct and highly effective approach of also extensively leveraging Microsoft\u2019s Management Activity API, which provides rich audit logs from Exchange Online, SharePoint, and other Microsoft solutions.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"K2tvLkDuaNb7VBgXRI4d\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">Crucially, this API is available across nearly all Microsoft 365 license tiers, meaning even Business Basic customers benefit.<\/span><\/p>\n<h2 data-id=\"c4qiLwuMje6QQ0g3TZ06\">Better data, better outcomes<\/h2>\n<p class=\"text-md mb-4\" data-id=\"c4qiLwuMje6QQ0g3TZ06\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">Sophos MDR ingests these logs and applies proprietary threat detection rules developed by our threat intelligence and engineering teams.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"IkTx8kjr4MfPejxChdAq\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">These aren\u2019t \u201coff the shelf\u201d detections. 
<\/span><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">They\u2019re custom-built to identify high-risk scenarios such as session hijacking, phishing, business email compromise inbox rule creation, and credential stuffing.<\/span><\/p>\n<h2 data-id=\"87VwhECsIVvHnB4WlVV1\">Faster responses, thousands of times over<\/h2>\n<p class=\"text-md mb-4\" data-id=\"87VwhECsIVvHnB4WlVV1\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">This approach operates at scale, with several thousand confirmed threats surfaced every month from Microsoft data \u2013 threats that would otherwise go undetected without an E5 license.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"d8o7p8ESaUWmCarfwBMr\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">Consider a typical scenario: a user clicks a phishing link, completes multi-factor authentication, and an attacker hijacks the session.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"NHEEPD6aFR9bmnDXfGaN\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">The attacker then creates hidden inbox rules to delete or redirect emails that would otherwise alert the user 
to suspicious activity such as invoice fraud.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"5urcVjpjsz2pJY4TKI4h\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">Because the Microsoft Management Activity API sends all the Microsoft 365 audit logs to the Sophos data lake, Sophos detections are able to flag this behavior based on patterns found in the audit logs \u2013 patterns such as multiple operating systems using the same session or known phishing kit indicators of compromise.<\/span><\/p>\n<h2 data-id=\"5urcVjpjsz2pJY4TKI4h\">More than just detection<\/h2>\n<p class=\"text-md mb-4\" data-id=\"6fHRtSgvgp3LN0cUvEJp\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">While our deep Microsoft integration is a prime example of how Sophos extends protective capabilities, we don\u2019t stop at detection: Sophos MDR can respond natively within the Microsoft environment.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"SIPYH5BimKczhJGLN0G8\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">With the customer\u2019s permission, Sophos MDR analysts can take immediate action to remediate threats in Microsoft 365.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"sv7mvgTJSRNVCEHbG9Rf\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] 
bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">Revoking sessions, blocking user sign-ins, and disabling malicious inbox rules \u2013 all without requiring customer interaction.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"VLwySRMavf6yB3DDyh38\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">We conduct a great many of these automated response actions every month, with many more executed manually when needed.<\/span><\/p>\n<h2 data-id=\"VLwySRMavf6yB3DDyh38\">Learn more<\/h2>\n<p class=\"text-md mb-4\" data-id=\"htRnrBlJlFKkrwUGm8Qm\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">Sophos brings unique, impactful, and rapid response capabilities to Microsoft environments, even for customers on Microsoft 365 basic license plans. 
<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"iFr1eSSOJDe1WPI2mQD5\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">It\u2019s better cybersecurity and a better return on investment.<\/span><\/p>\n<p class=\"text-md mb-4\" data-id=\"WnmKjTjgZ5xLzoNjRH6l\"><span class=\"tts-node group\/tts-node rounded-[6px] box-decoration-clone bg-clip-content py-[3px] bg-[var(--background)]\" data-isttsnode=\"true\" data-voiceid=\"unwfwRJTkr6t9RIrhKvk\" data-globalvoicesettingsenabled=\"false\" data-state=\"focused\">Visit <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/www.sophos.com\/mdr-microsoft\">Sophos.com\/MDR-Microsoft<\/a> for more information.<\/span><\/p>\n<\/p><\/div>\n\n","protected":false},"excerpt":{"rendered":"<p>Sophos MDR is the world\u2019s most trusted MDR service, with a whole bunch of cybersecurity consultants offering 24-7 monitoring, prevention, detection, and response to more than 30,000 organizations worldwide. 
While Sophos MDR leverages telemetry from across our customers\u2019 environments to detect and neutralize threats, one of the most important benefits \u2013 and a key differentiator of [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":4958,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[58],"tags":[2070,627,618,121,211,120],"class_list":["post-4956","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-maximize","tag-mdr","tag-microsoft","tag-news","tag-security","tag-sophos"],"_links":{"self":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/4956","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4956"}],"version-history":[{"count":1,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/4956\/revisions"}],"predecessor-version":[{"id":4957,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/posts\/4956\/revisions\/4957"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=\/wp\/v2\/media\/4958"}],"wp:attachment":[{"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4956"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4956"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techtrendfeed.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4956"}],"curies":[{"name":"wp","href":"https:\/\/api
.w.org\/{rel}","templated":true}]}}