You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The following section lists down questions your SOC team might have regarding the Microsoft Defender Experts for Hunting service:
29
+
The following section lists down questions your SOC team might have about the Microsoft Defender Experts for Hunting service:
30
30
31
31
| Questions | Answers |
32
32
|---------|---------|
33
-
|**What is Microsoft Defender Experts for Hunting service?**|[Microsoft Defender Experts for Hunting](defender-experts-for-hunting.md) provides a proactive threat hunting service to identify threats in advance. Note that Defender Experts for XDR also includes the proactive threat hunting offered by Defender Experts for Hunting.|
33
+
|**What is Microsoft Defender Experts for Hunting service?**|[Microsoft Defender Experts for Hunting](defender-experts-for-hunting.md) provides a proactive threat hunting service to identify threats in advance. Defender Experts for XDR also includes the proactive threat hunting offered by Defender Experts for Hunting.|
34
34
|**Does Defender Experts for Hunting either use or require Microsoft Sentinel or a security information and event management (SIEM)?**| No. Defender Experts doesn't use any third-party data ingested either via Microsoft Sentinel or any other SIEM platform.|
35
35
|**What products does Defender Experts for Hunting operate on?**| This service relies on event signals from Microsoft Defender for Endpoint, Microsoft Defender for Office 365, Microsoft Defender for Cloud Apps, and Microsoft Defender for Identity, along with proprietary Microsoft Threat Intelligence sources. Any event definitions that isn't written by Microsoft Defender products that is, third-party authored event or detection, isn't within the scope of Defender Experts for Hunting.|
36
36
|**Does Defender Experts for Hunting replace my threat hunting team?**| Defender Experts for Hunting doesn't replace your internal hunting team but instead augments their capabilities. The Defender Experts for Hunting service targets new and emerging threats, addressing industry knowledge gaps in identifying them.|
@@ -42,8 +42,8 @@ The following section lists down questions your SOC team might have regarding th
42
42
|**How can my organization participate in the Defender Experts for Hunting service?**| Contact your Microsoft representative to express interest in Defender Experts for Hunting|
43
43
|**Does Defender Experts for Hunting cover cloud servers that have Microsoft Defender for Endpoint deployed on them.**| Defender Experts for Hunting also covers servers—whether on premises or on a hyperscale cloud service provider—that have Microsoft Defender for Endpoint deployed on them with a Microsoft Defender for Endpoint for Servers license. For Defender Experts coverage, a server is considered as a user seat for billing. The service doesn't cover Microsoft Defender for Cloud. [Learn more about specific hardware and software requirements](../defender-endpoint/minimum-requirements.md)|
44
44
|**Once I see a Defender Experts Notification, if I have questions, how do I communicate with the Defender Experts for Hunting team?**| We provide the **Ask Defender Experts** option inside the Microsoft Defender XDR security portal to get swift and accurate responses to all your threat hunting questions. However, the scope of questions for this service is limited to Defender Experts for Hunting questions only.|
45
-
|**What kinds of inquiries could I submit in the Ask Defender Experts capability?**| Ask Defender Experts is intended to provide a better understanding of complex threats affecting your organization – focused on products included in Microsoft Defender XDR that is Microsoft Defender for Endpoint, Microsoft Defender for Office, Microsoft Defender for Cloud Apps, and Microsoft Defender for Identify. Inquiries related to custom detections in the above products (that is, non-Defender XDR and third-party cybersecurity products), bugs in your product experience in the Defender XDR portal, and those related to security incident response services cannot be handled by Ask Defender Experts. [See details on how to collaborate with Defender Experts](experts-on-demand.md).|
45
+
|**What kinds of inquiries could I submit in the Ask Defender Experts capability?**| Ask Defender Experts is intended to provide a better understanding of complex threats affecting your organization – focused on products included in Microsoft Defender XDR that is Microsoft Defender for Endpoint, Microsoft Defender for Office, Microsoft Defender for Cloud Apps, and Microsoft Defender for Identify. Inquiries related to custom detections in the above products (that is, non-Defender XDR and third-party cybersecurity products), bugs in your product experience in the Defender XDR portal, and those related to security incident response services can't be handled by Ask Defender Experts. [See details on how to collaborate with Defender Experts](experts-on-demand.md).|
46
46
|**What certifications does the Defender Experts service have?**| Defender Experts for Hunting is certified for HIPAA and ISO.|
47
47
|**How is customer data protected?**|Review the section on data retention and protection.|
48
-
|**Does the hunting service offer Real-time threat remediation with boots on ground?**| No, the hunting service doesn't cover this type of scenario. Despite this, Microsoft provides professional on-site service through our Microsoft Incident Response team. This service requires a separate contract. We prioritize our customers’ needs and have a swift turnaround time. Contact your Customer Service Account Manager or CSAM for further assistance.|
49
-
|**Is there a graph API to fetch the Defender Experts Notifications content?**| Yes. For more details check [Access incident notifications using Graph API](access-den-graph-api.md).|
48
+
|**Does the hunting service offer Real-time threat remediation with boots on ground?**| No, the hunting service doesn't cover real-time threat remediation. Despite this, Microsoft provides professional on-site service through our Microsoft Incident Response team. This service requires a separate contract. We prioritize customer needs and have a swift turnaround time. Contact your Customer Service Account Manager or CSAM for further assistance.|
49
+
|**Is there a graph API to fetch the Defender Experts Notifications content?**| Yes. For more details, check [Access incident notifications using Graph API](access-den-graph-api.md).|
0 commit comments