If you’ve ever been confused by Microsoft’s offerings, their names, or what they include, you’re not alone. Even as a Microsoft Gold Partner, we have to stay on top of the seemingly ever-changing product terminology. Just as Microsoft is always looking to improve their technologies, it seems that what they call them is also under constant revision. Some of these rebrandings were highlighted at the recent fall Ignite conference, like the change from the Fluid framework to Microsoft Loop. There are several other terms that have been revised this year as well. Here’s a walkthrough of the Microsoft product name changes you’re likely to come across and what they refer to.
|Old Name||New Name|
|Microsoft Threat Protection||Microsoft 365 Defender|
|Microsoft Defender Advanced Threat Protection||Microsoft Defender for Endpoint|
|Office 365 Advanced Threat Protection||Microsoft Defender for Office 365|
|Microsoft Cloud App Security||Microsoft Defender for Cloud Apps|
|Azure Advanced Threat Protection||Microsoft Defender for Identity|
|Azure Security Center/Azure Defender||Microsoft Defender for Cloud|
|Azure Defender for IoT||Microsoft Defender for IoT|
|Azure Sentinel||Microsoft Sentinel|
Microsoft Threat Protection ➡ Microsoft 365 Defender
Microsoft Threat Protection was announced in 2018 as a way for Microsoft to strengthen its cybersecurity focus based on workable security, enterprise-class technology, and an emphasis on partnerships. This threat protection covered endpoints, user data, identities, cloud apps, and infrastructure. Now this overall protection is rebranded as Microsoft 365 Defender, which breaks down into the categories below.
Microsoft Defender Advanced Threat Protection ➡ Microsoft Defender for Endpoint
Many of these name changes were chosen in order to simplify and describe the product more precisely. What does Microsoft Defender Advanced Threat Protection (ATP) do? It automatically detects and remediates attacks on endpoint devices. In other words, it defends endpoints. Hence: Microsoft Defender for Endpoint.
Office 365 Advanced Threat Protection ➡ Microsoft Defender for Office 365
Defender for Office 365, formerly Office 365 ATP, is a cloud-based email protection service. It guards against malicious attacks like harmful links or attachments. It does this by filtering emails and sending suspicious ones through a sandbox chamber, then either sending them to the trash or rewriting them as safe to continue to the recipient.
Microsoft Cloud App Security ➡ Microsoft Defender for Cloud Apps
Microsoft Cloud App Security, or MCAS, is now Defender for Cloud Apps. This is a Cloud Access Security Broker (CASB) solution that provides visibility with security and compliance guidance in regard to cloud apps. In keeping with the Microsoft Defender brand, the name has changed slightly.
Azure Advanced Threat Protection ➡ Microsoft Defender for Identity
Azure is Microsoft’s cloud, analogous to other cloud environments like Amazon Web Services (AWS) or Google Cloud Platform (GCP). In order to avoid confusion, Microsoft is now shying away from using the name Azure for its security products. This is because those security products can work in any environment, be it Azure, AWS, GCP, or on-premise locations. So Azure ATP is now Microsoft Defender for Identity, which works with Active Directory to protect user identities and credentials.
Azure Security Center/Azure Defender ➡ Microsoft Defender for Cloud
Along the same lines, Azure Security Center and Azure Defender have been consolidated and rebranded under Microsoft Defender. This Cloud Security Posture Management (CSPM) protects workloads across multi-cloud and hybrid environments. It prioritizes sensitive cloud data and now provides native support for AWS.
Azure Defender for IoT ➡ Microsoft Defender for IoT
Also renamed is the portion of Microsoft’s efforts dedicated to the Internet of Things (IoT) and operational technology (OT), which has grown in recent years. Defender for IoT rapidly deploys network detection and response (NDR) for this uniquely vulnerable category of devices. Microsoft’s acquisition of ReFirms Labs this year has provided a boost to this newly revamped offering.
Azure Sentinel ➡ Microsoft Sentinel
The powerhouse combination of Security Information Event Management (SIEM) and Security Orchestration Automated Response (SOAR) Azure Sentinel is undergoing a similar name change as its buddies above. This highly scalable security intelligence service will continue to stand guard with its overarching view of any cloud or on-premise environment.
One More Note About Microsoft Product Name Changes
As you can see, most of these offerings now fall under the umbrella of Microsoft Defender. Many of them were previously called Azure. You may want to note that while the Azure title has been dropped for security products, it still applies to cloud-computing Infrastructure as a Service (IaaS) and related cloud services. Azure is still Microsoft’s cloud. Microsoft Defender works well with it, but it can also work with other clouds and even on the ground.
Not enough name changes for you? See the latest ones surrounding Microsoft Purview. Also see our blog on another recent Microsoft development: New Actions in Secure Score starting in December 2021.