Policy Enforcement Point
Azure Active Directory (AD) with Risk-based Conditional Access is the key mechanism in the Microsoft Zero Trust Architecture (ZTA) for enforcing policies on transactions.
Azure AD Identity Protection automates the detection and remediation of identity-based risks.
Microsoft Endpoint Manager (MEM) ensures devices meet security and compliance policies. Microsoft Defender for Endpoint (MDE) integrates a full suite of endpoint security into your ZTA.
Azure Security Center monitors infrastructure security posture and compliance. Azure Defender detects and blocks malware and threats across servers, data, cloud-native services, and IoT.
Applications & Data
Microsoft Cloud App Security (MCAS) provides end-to-end protection for cloud apps. Azure Purview provides unified governance for on-premises, multi-cloud, and Software-as-a-Service data.
Threat-Based Continuous Monitoring
Mandiant Security Validation (MSV) continuously tests the effectiveness of implemented security controls using automated threat emulation.
Sensor Grid & Data Repository
Data collection for Extended Detection and Response (XDR) is integrated to detect advanced adversarial activity when inline protection fails.
Automated Threat Management
Mandiant Automated Defense combines pre-built data science models with threat intelligence, the XDR, and core Zero Trust components to enrich escalation and prioritization.
Cyber Defense Augmentation
Mandiant Managed Defense and Expertise-on-Demand provide security operations access to scalable cyber defense expertise without building a cyber defense operations center.