Microsoft Defender ATP integrates with Delta Risk’s SOAR platform, ActiveEye
Delta Risk, a leading provider of SOC-as-a-Service and security services, announced the integration of Microsoft Defender Advanced Threat Protection (Defender ATP) with its cloud-native Security Orchestration and Automation (SOAR) platform, ActiveEye.
Support for Defender ATP comes as part of the company’s strategic approach to incorporating Microsoft security technologies.
Delta Risk provides Managed Detection and Response (MDR) for both new and existing Defender ATP customers who need an experienced partner to help them quickly identify and respond to endpoint threats with a 24×7 security operations center.
Defender ATP provides visibility and detection at the endpoint, and all data flows into the ActiveEye 2.0 platform via an API in real time.
“We’re pleased to add Defender ATP to the growing list of security solutions that we support,” said Scott Kaine, CEO. “Organizations that rely on Defender ATP often don’t have the expertise or staff they need in-house to manage it effectively, and with endpoint threats at an all-time high, it’s a critical component of an effective security strategy.”
Delta Risk’s ActiveEye platform offers visibility to all user activity from endpoint to cloud applications and provides direct integration with Microsoft Office 365, Azure Active Directory (Azure AD), and Microsoft Security Center.
Defender ATP is a unified next-generation anti-virus (NGAV) and endpoint detection and response (EDR) platform that provides visibility and detection to protect endpoint devices like laptops and mobile phones from security threats.
ActiveEye also integrates with other next-generation EDR solutions such as Carbon Black, CrowdStrike, and Sophos, as well as networks, cloud application and infrastructure, delivering complete visibility across an organization.
With a focus on advanced security automation, ActiveEye eliminates more than 95 percent of false positives from thousands of daily security alerts generated by Defender ATP as well as other next-generation endpoint detection and response solutions, security information and event management (SIEM) devices and software, cloud applications, and cloud infrastructure.
ActiveEye’s “virtual analysts” investigate potential incidents as they’re detected to determine if they are valid or not, enabling human analysts to respond faster to actual threats.
“Detecting anomalies is important but having the expertise to decipher false alarms from actual threats takes experience,” said John Hawley, Chief Product Officer.
“The analysts at Delta Risk are responding to and resolving threats daily. We’ve helped more than 30 new clients in just the past 45 days alone who’ve been compromised and need help monitoring their endpoints and environment to be sure they’re not re-infected.”
Endpoint security and managed detection and response are critical aspects of cyber security for small to medium sized businesses and state and local governments, as the threat from ransomware attacks is increasing and more employees than ever are working remotely or using endpoint devices to access corporate networks and data.