Microsoft Threat Protection Engagement

1. As part of the engagement, you will:
- Better understand, prioritize, and mitigate potential threats.
- Work together with the delivery resource to define a list of next steps based on their needs, objectives, and results from the Threat Protection Engagement.
- Learn how they can accelerate their security journey together with Microsoft.

2. The objectives for the Threat Protection Engagement are:
- Discover threats: Gain visibility into threats to Microsoft 365 cloud, Azure cloud, and on-premises environments across email, identity, servers, endpoints and data to better understand, prioritize and mitigate potential cyberattack vectors.
- Understand how to mitigate threats: Help you understand how the included Microsoft Security products can help them mitigate and protect against the threats found during the period of this engagement.
- Discover vulnerabilities: Gain visibility into vulnerabilities to Microsoft 365 cloud and on-premises environments to better understand how to discover, prioritize, and address vulnerabilities and misconfigurations across the organization.
- Accelerate the security journey: Help you learn how to accelerate their security journey together with Microsoft.
- Define next steps: Work with you to define a list of next steps based on needs, objectives, and results from the Threat Protection Engagement.

3. The Threat Protection engagement is built on a modular concept. Every engagement starts with general setup by applying required trial licenses and complete tenant configuration. From there, two (2) mandatory modules are configured:

Mandatory modules
- Microsoft Defender Portal
- Cloud (Entra ID) Identity Protection

The mandatory modules will allow you gain visibility into threats and vulnerabilities to cloud and on-premises environments obtained as part of the engagement, which will include learning about key product scenarios and features of Microsoft security solutions.

Selectable modules
After completion of the mandatory modules, three (3) selectable modules of five (5) total will be configured.
- Module - Email Protection: The module demonstrates how Microsoft Defender for Office 365 offers comprehensive protection against cyber threats for email and collaboration tools.
- Module – Endpoint and Cloud Apps Protection: The module demonstrates how Microsoft Defender for Endpoint and Microsoft Defender Vulnerability Management help to prevent, detect and respond to advanced threats and reduce cyber risk through comprehensive risk-based vulnerability management. In addition, we will also demonstrate how to use Microsoft Defender for Cloud Apps to provide visibility into cloud app usage and protection against app-based threats.
- Module – Unified SecOps Platform: The module demonstrates how the Microsoft Unified SecOps platform integrates SIEM and XDR capabilities with AI, providing end-to-end visibility and automatic attack disruption to improve security outcomes.
- Module – Server Protection: The module demonstrates how Microsoft Defender for Cloud can help prevent, detect and respond to advanced threats and reduce cyber risk through comprehensive Cloud Security Posture Management.
- Module – Microsoft Copilot for Security Demonstration: Interactive demonstrations on how Microsoft Copilot for Security can help support security professionals in end-to-end scenarios such as incident response, threat hunting, intelligence gathering, and posture management.

- Any threats/vulnerabilities identified by the engagement will be analyzed and documented for use in the results presentation.
- At the end of the Threat Protection Engagement, all configuration changes will be decommissioned from the environment.

Microsoft funding:
Microsoft Cybersecurity Investment (CSI) program is an initiative that provides funding to eligible organizations to expand their Microsoft security deployments, with partners like Ravanty offering services around Threat Protection and Data Security across organization’s IT layers. Customer eligibility considerations apply.