If you read my last post about Microsoft 365 certifications, you probably noticed that it talks about lots of different products and services – it’s a pretty big suite.  If you’re like me, you are probably aware of the core components like Windows 10 Enterprise, Office 365, Microsoft Endpoint Manager, Teams, and Azure AD Premium, but when you get into the security products it gets a little more fuzzy. 

You can see the full list in the comparison matrices for Microsoft 365 Enterprise and Microsoft 365 Education (click on the “Compare Microsoft 365 Education Plans” link to see the grid).  Or you can look at the grid PDF document from the documentation page:

For the most part, it’s the E5/A5 subscriptions that contain the bulk of the security functionality (so if you’re looking at a certification, it would be good to have at least one of those subscriptions). 

Here’s my “super-simplified cheat sheet” on the security features:

• Windows Defender Advanced Threat Protection.  This is a sophisticated security solution for Windows 10 that you have to try out if you haven’t already.  It helps with preventing attacks, detecting breaches, investigating and remediating breaches, and much more.
• Office 365 Advanced Threat Protection.  This one is a security solution for your e-mail system: checking attachments and links, detecting phishing, and tracking threats.
• Azure Advanced Threat Protection.  This one surprised me, because of how it monitors your Active Directory environment for suspicious behavior (e.g. seeing the use of scanning tools, or lateral movement of an account across many machines).  Install an agent on your domain controllers and get alerts when bad things are happening.
• Advanced Threat Analytics.  This is an on-premises tool for watching what’s going on with your Active Directory domain controllers.  It’s similar in many ways to Azure Advanced Threat Protection – you probably don’t need both.
• Azure Information Protection.  Classify and protect your data – e-mail, documents, etc.  The exact capabilities can vary, see the grid for more details.
• Office 365 Data Loss Prevention.  Make sure users don’t accidentally share sensitive information. 
• Microsoft Cloud App Security.  See what cloud apps your users are using, with or without your permission, with information fed from other apps or proxy servers (ick). 

There’s also a full list of compliance solutions too, but my head hurts with just the security products.  Start here to learn more about those.