You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/configure-mssp-support.md
+5-8Lines changed: 5 additions & 8 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -26,8 +26,6 @@ ms.date: 07/24/2024
26
26
27
27
> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-mssp-support-abovefoldlink)
## Managed security service provider partnership opportunities
32
30
33
31
Security is recognized as a key component in running an enterprise; however, some organizations might not have the capacity or expertise to have a dedicated security operations team to manage the security of their endpoints and network, others may want to have a second set of eyes to review alerts in their network.
@@ -42,19 +40,18 @@ Defender for Endpoint adds partnership opportunities for this scenario and allow
42
40
43
41
> [!NOTE]
44
42
> The following terms are used in this article to distinguish between the service provider and service consumer:
45
-
>
46
-
> - MSSPs: Security organizations that offer to monitor and manage security devices for an organization.
47
-
> - MSSP customers: Organizations that engage the services of MSSPs.
43
+
> - MSSPs: Security organizations who monitor and manage security devices for organizations (customers).
44
+
> - MSSP customers: Organizations who engage the services of MSSPs.
48
45
49
46
## MSSP integration
50
47
51
-
To enable MSSP integration, the MSSP customer needs to grant access to their Defender for Endpoint tenant so that the MSSP can access the portal.
48
+
To enable MSSP integration, the MSSP customer needs to grant access to their Defender for Endpoint tenant so that the MSSP can access their Microsoft Defender portal ([https://security.microsoft.com](https://security.microsoft.com)).
52
49
53
-
Typically, MSSP customers take the initial configuration steps to grant MSSPs access to their Windows Defender Security Central tenant. After access is granted, the MSSP or customer can do the other configuration steps. In general, these are the configuration steps to complete:
50
+
After access is granted, the MSSP or customer can do the other configuration steps. In general, the following table summarizes the configuration steps to complete:
54
51
55
52
| Step | Who does it|
56
53
|---|---|
57
-
|**Grant the MSSP access to Microsoft Defender XDR**. This action grants the MSSP access to the MSSP customer's Defender for Endpoint tenant. | MSSP Customer |
54
+
|**Grant the MSSP access to the Microsoft Defender portal**. This action grants the MSSP access to the MSSP customer's Microsoft Defender portal. | MSSP Customer |
58
55
|**Configure alert notifications sent to MSSPs**. This action lets the MSSPs know what alerts they need to address for the MSSP customer. | MSSP customer or MSSP |
59
56
|**Fetch alerts from MSSP customer's tenant into SIEM system**. This action allows MSSPs to fetch alerts in SIEM tools. | MSSP |
60
57
|**Fetch alerts from MSSP customer's tenant using APIs**. This action allows MSSPs to fetch alerts using APIs. | MSSP |
0 commit comments