Image 2: Microsoft 365 Defender RBAC main grid. To make it easy for you to adopt the new RBAC model, we support role import capabilities so that you can import existing roles from any of our current individual RBAC models to the new Microsoft 365 Defender RBAC model with a click of a button. However, if needed, a role can be scoped to one or more specific data sources. By default, custom roles created in the Microsoft 365 Defender RBAC model are scoped to all data sources. In the new model, permissions can be scoped to individual users and/or security groups.
For example, the “Security operations” category includes permissions that are required to perform daily security operations activities and allows admins to either grant out-of-the-box permissions on a per category basis or select permissions one-by-one for custom roles. The new model organizes permissions by categories. While Defender for Cloud Apps is not covered in this initial preview, it will be added to the new RBAC model in the future. The new RBAC model now takes this experience to the next level by allowing admins to centrally manage privileges across these services with a greater efficiency. Microsoft 365 Defender provides integrated threat protection, detection, and response across endpoints, email, identities, applications, and data within a single portal. The new Microsoft 365 Defender RBAC experience
Image 1: Access to the new Microsoft 365 Defender RBAC model from the Permissions page Additionally, the new model is fully compatible with existing individual RBAC models currently supported in Microsoft 365 Defender portal. It offers a unified and granular cross-services access permission model to help the Security Operations Center (SOC) increase productivity across the various Microsoft Defender products. The new Microsoft 365 Defender RBAC model, part of Microsoft’s leading Extended Detection and Response (XDR) solution, is an impactful enabler for security admins to centrally manage privileges across domains. We are excited to announce the public preview of a central role-based access control (RBAC) capability to help unify roles and permissions management across Microsoft Defender for Endpoint, Microsoft Defender for Office 365, and Microsoft Defender for Identity.
0 kommentar(er)
