Microsoft is announcing the general availability of the Microsoft Entra Suite, the industry’s most comprehensive secure access solution for the workforce, and the general availability of Microsoft Sentinel within the Microsoft unified security operations platform, which delivers unified threat protection and posture management. These innovations make it easier to secure access, identify and close critical security gaps, detect cyberthreats, reduce response times, and streamline operations.

The Microsoft Entra Suite

With 66% of digital attack paths involving insecure identity credentials, the Microsoft Entra Suite is crucial in preventing security breaches.

Identity and network security alone cannot cover all access scenarios. The Microsoft Entra Suite unifies these aspects, offering a comprehensive Zero Trust security approach. It enables user verification, prevents overprivileged permissions, enhances detections, and enforces granular access controls for all users and resources. Its native integration fosters collaboration between identity and network teams, reducing IT administrators’ workload by allowing easy management of identity and network access policies in one place. Additionally, Microsoft Entra skills in Microsoft Copilot for Security help identity professionals respond more swiftly to identity risks.

The Microsoft Entra Suite offers the following benefits:

Unified Conditional Access Policies: Manage a single set of access policies for identities and networks through one portal, extending Zero Trust access to any application, whether cloud-based, on-premises, or on the open internet. This unified approach ensures comprehensive protection without gaps.

Least Privilege Access: Automate the access lifecycle for all users, ensuring they only have access to necessary applications and resources. Regular, machine learning-powered access reviews help maintain compliance and remove unnecessary permissions.

Enhanced User Experience: Provide employees with faster onboarding, secure passwordless sign-in, single sign-on for all applications, and a self-service portal for access management. Real-time identity verification with Face Check simplifies remote onboarding and account recovery.

Reduced Complexity and Costs: Simplify management by consolidating security tools, allowing the retirement of multiple on-premises solutions in favour of a cloud-based approach suitable for modern environments.

Microsoft Sentinel is generally available in Microsoft’s unified security operations platform

Microsoft Sentinel customers on the commercial cloud with at least one Microsoft Defender XDR workload deployed will now be able to:

  • Onboard a single workspace into the Defender portal.

  • Have unified incidents and unified hunting with Microsoft Defender XDR, streamlining their investigations and reducing context switching.

  • Take advantage of Microsoft Copilot for Security for incident summaries and reports, guided investigation, auto-generated Microsoft Teams messages, code analysis, and more.

  • Extend attack disruption beyond Defender XDR workloads to other critical apps—starting with SAP.

  • Get tailored, post-incident recommendations on preventing similar or repeat cyberattacks that tie directly into the Microsoft Security Exposure Management initiatives to automatically improve readiness scores as actions are completed.

Automatic Attack Disruption: Utilising AI and machine learning, this feature detects and halts advanced cyberattacks in real-time, including ransomware and business email compromise, with 99% confidence. This gives security teams time to investigate and remediate with less pressure.

Attack Path Analysis and Exposure Reduction: Security teams can visualise potential lateral movement of attackers and receive guided recommendations to reduce vulnerabilities, prioritising actions based on impact.

Rapid Cyberattack Response: Enhanced signal-to-noise ratio and alert correlation through Defender XDR and Microsoft Sentinel allow faster, more accurate detection and investigation, enabling analysts to respond to breaches more efficiently.

Improved Threat Hunting: A unified data querying experience and embedded Microsoft Copilot for Security streamline proactive threat searches and accelerate analyst workflows with guided responses and Kusto Query Language (KQL) translation.