Overview.

This page provides a single entry point into the full Microsoft Defender ecosystem, covering Defender for Office 365 (MDO), Defender for Endpoint (MDE), Defender for Identity, Defender for Cloud Apps (DfCA), and broader cross-product guidance.

Microsoft Defender for Office 365 (MDO).

Articles covering email threat protection, attack simulations, Safe Links, Safe Attachments, impersonation detection and user awareness.

Series: Microsoft Defender for Office 365 (MDO).

Articles:
Attack Simulation Training.

Microsoft Defender for Endpoint (MDE).

Deep dives into EDR, ASR rules, threat and vulnerability management, onboarding, policy design and operational response workflows.

Series: Microsoft Defender for Endpoint (MDE).
Articles:

Microsoft Defender for Identity.

Guidance for identity-based threat detection, domain controller sensors, lateral movement alerts and hybrid identity monitoring.

Series:
Articles:

Microsoft Defender for Cloud Apps (DfCA).

Content focused on shadow IT discovery, app governance, OAuth risk, CASB alerts, and cloud application controls.

Series:
Articles:

Microsoft Defender XDR and Cross-Product Guides

Articles covering correlations across the Defender suite, unified RBAC, incident response workflows and cross-domain detection.

Series:
Articles:

Microsoft XDR.

A broad collection of articles focusing on the operational side of the Microsoft Defender, including visibility, configuration, correlation, unified RBAC, incident response workflows, cross-domain detection, and security posture.

Series:
Articles:

Command Palette

Overview.

Microsoft Defender for Office 365 (MDO).

Microsoft Defender for Endpoint (MDE).

Microsoft Defender for Identity.

Microsoft Defender for Cloud Apps (DfCA).

Microsoft Defender XDR and Cross-Product Guides

Microsoft XDR.