You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
To enable the managed security service provider (MSSP) integration, follow the guidance in this article.
31
+
## Managed security service provider partnership opportunities
32
+
33
+
Security is recognized as a key component in running an enterprise; however, some organizations might not have the capacity or expertise to have a dedicated security operations team to manage the security of their endpoints and network, others may want to have a second set of eyes to review alerts in their network.
34
+
35
+
To address this demand, managed security service providers (MSSP) offer to deliver managed detection and response (MDR) services on top of Defender for Endpoint.
36
+
37
+
Defender for Endpoint adds partnership opportunities for this scenario and allows MSSPs to take the following actions:
38
+
39
+
- Get access to MSSP customer's Microsoft Defender portal
40
+
- Get email notifications
41
+
- Fetch alerts through security information and event management (SIEM) tools
32
42
33
43
> [!NOTE]
34
44
> The following terms are used in this article to distinguish between the service provider and service consumer:
35
45
>
36
46
> - MSSPs: Security organizations that offer to monitor and manage security devices for an organization.
37
47
> - MSSP customers: Organizations that engage the services of MSSPs.
38
48
39
-
The integration allows MSSPs to take the following actions:
40
-
41
-
- Get access to MSSP customer's Microsoft Defender portal
42
-
- Get email notifications, and
43
-
- Fetch alerts through security information and event management (SIEM) tools
49
+
## MSSP integration
44
50
45
-
Before MSSPs can take these actions, the MSSP customer needs to grant access to their Defender for Endpoint tenant so that the MSSP can access the portal.
51
+
To enable MSSP integration, the MSSP customer needs to grant access to their Defender for Endpoint tenant so that the MSSP can access the portal.
46
52
47
53
Typically, MSSP customers take the initial configuration steps to grant MSSPs access to their Windows Defender Security Central tenant. After access is granted, the MSSP or customer can do the other configuration steps. In general, these are the configuration steps to complete:
48
54
@@ -57,23 +63,11 @@ Typically, MSSP customers take the initial configuration steps to grant MSSPs ac
57
63
58
64
For information on how to implement a multitenant delegated access, see [multitenant access for Managed Security Service Providers](https://techcommunity.microsoft.com/t5/microsoft-defender-atp/multi-tenant-access-for-managed-security-service-providers/ba-p/1533440).
59
65
60
-
## Managed security service provider partnership opportunities
61
-
62
-
Security is recognized as a key component in running an enterprise; however, some organizations might not have the capacity or expertise to have a dedicated security operations team to manage the security of their endpoints and network, others may want to have a second set of eyes to review alerts in their network.
63
-
64
-
To address this demand, managed security service providers (MSSP) offer to deliver managed detection and response (MDR) services on top of Defender for Endpoint.
65
-
66
-
Defender for Endpoint adds partnership opportunities for this scenario and allows MSSPs to take the following actions:
67
-
68
-
- Get access to MSSP customer's Microsoft Defender portal
69
-
- Get email notifications, and
70
-
- Fetch alerts through security information and event management (SIEM) tools
71
-
72
-
73
66
## Related articles
74
67
75
68
-[Grant MSSP access to the portal](grant-mssp-access.md)
76
69
-[Access the MSSP customer portal](access-mssp-portal.md)
0 commit comments