May 10 2021 09:35 AM - last edited on Nov 30 2021 01:43 PM by Allen
I'm Ricky and I'm the Product Marketing Manager for Microsoft Defender for Identity. I was looking to start a discussion with the outstanding community we are fortunate to have here around a topic I've been tracking.
I was looking for input around cloud based security and the merits it provides, and how this stacks up against your views of how you've maybe tackled security updates in the past. Defender for Identity's capabilities are excellent because we offer cloud based protection in an age of advanced threats being able to propagate throughout an environment very quickly.
I'm looking to uncover your views on the process of connecting your DCs to the internet (via a highly configured one way proxy of course) to gain all the benefits that Defender for Identity offers. Specifically, I'd be interested to know whether it would be perceived as a bigger or smaller risk of not having Defender for Identity protection, and what you're doing to help protect your on-premises identities as is. If this is the case, how are you correlating this information with other data sources from security products?
It would also be great to see any opinions on how updates are perceived. Does the benefits of having cloud based servicing to Defender for Identity provide enough advantages in today's security landscape as opposed to waiting for updates to land on Patch Tuesday, for example?
Maybe you're already a Defender for Identity customer and you went through this risk analysis before you implemented the solution - it would be great to get your viewpoint too.
There are no right or wrong answers here, and I just want to see a variety of opinions on the subject.
Thanks for getting involved. Will be great to see some feedback on this!