You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-xdr/data-privacy.md
+15-6Lines changed: 15 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -19,7 +19,7 @@ ms.topic: conceptual
19
19
search.appverid:
20
20
- MOE150
21
21
- MET150
22
-
ms.date: 05/14/2024
22
+
ms.date: 07/14/2024
23
23
---
24
24
25
25
# Microsoft Defender XDR data security and privacy
@@ -29,15 +29,24 @@ ms.date: 05/14/2024
29
29
30
30
**Applies to:**
31
31
- Microsoft Defender XDR
32
+
- Microsoft Sentinel in the Microsoft Defender portal
32
33
33
34
Microsoft Defender XDR operates in Microsoft Azure data centers in the European Union, the United Kingdom, the United States, Australia, and Switzerland. Customer data collected by the service is stored at rest in (a) the geo-location of the tenant as identified during provisioning or, (b) the geo-location as defined by the data storage rules of an online service if this online service is used by Microsoft Defender XDR to process such data.
34
35
35
36
Customer data in pseudonymized form might also be stored in central storage and processing systems in the United States.
36
37
37
-
For more information on the data storage and privacy information of the specific products, see:
38
-
-[Microsoft Defender for Endpoint data storage and privacy](/windows/security/threat-protection/microsoft-defender-atp/data-storage-privacy)
39
-
-[Microsoft Defender for Cloud Apps data security and privacy](/cloud-app-security/cas-compliance-trust)
40
-
-[Microsoft Defender for Identity data security and privacy](/defender-for-identity/privacy-compliance)
41
-
-[Microsoft 365 privacy, security, and transparency](/office365/servicedescriptions/office-365-platform-service-description/privacy-security-and-transparency#advanced-threat-protection)
38
+
The table below shows the general information on the data storage and privacy of specific service sources in Defender XDR:
39
+
40
+
|Product|Data retention policy|More information|
41
+
|:---:|:---:|:---:|
42
+
|Microsoft Defender for Endpoint|180 days|[Defender for Endpoint data storage and privacy](/defender-endpoint/data-storage-privacy)|
43
+
|Microsoft Defender for Office 365|Varies according to feature and license|[Defender for Office 365 data retention information](/defender-office-365/mdo-data-retention)|
44
+
|Microsoft Defender for Identity|180 days|[Defender for Identity data storage and privacy](/defender-for-identity/privacy-compliance)|
45
+
|Microsoft Defender for Cloud Apps|180 days|[Defender for Cloud Apps data storage and privacy](/defender-cloud-apps/cas-compliance-trust)|
46
+
|Microsoft Entra|Varies according to feature and license|[Microsoft Entra data storage and privacy](/entra/identity/monitoring-health/reference-reports-data-retention)|
47
+
|Microsoft Sentinel|90 days for Basic logs, varies depending on pricing|[Microsoft Sentinel pricing](https://azure.microsoft.com/pricing/details/microsoft-sentinel/)|
48
+
49
+
> [!NOTE]
50
+
> [Advanced hunting](advanced-hunting-overview.md) lets you query up to 30 days of raw data.
0 commit comments