The Microsoft products that you can use in your Microsoft Cybersecurity Architectures

Jiadong Chen
Jan 10, 2023

If you are responsible for designing and developing a cybersecurity strategy that protects your organization’s mission and business processes across all aspects of the enterprise architecture using Microsoft products, then I highly recommend you check out the Microsoft Cybersecurity Reference Architectures (MCRA), which describe Microsoft’s cybersecurity capabilities. This blog post lists each major security domain you can find in MCRA and the Microsoft products within it, and shows how key Microsoft technologies fit into that landscape.

Let’s move on!

👉 Domain #1 — Identity and Access

Azure Active Directory: Password-less & MFA, Hello for Business, Authenticator App, FIDO2 Keys, Azure AD PIM, B2B & B2C.

Identity Protection: Leaked Credential Protection.

Identity Governance: Identity, Access, and Privileged Access Lifecycle, Entitlement Management, Access Requests, Workflow, Policy and Role Management, Governance Enforcement.

Defender for Identity: User Behavior and Activities, Investigate Alerts, AD FS Protection, Lateral Movement Detection.

👉 Domain #2 — Security Operations

Microsoft 365 Defender: Extended Detection and Response (XDR). Cloud, Endpoint, Office 365, Identity, SaaS.

Microsoft Sentinel: Cloud Native SIEM, SOAR.

👉 Domain #3 — Endpoint and Device Security

Microsoft Endpoint Manager: Intune and Configuration Manager.

Microsoft Defender for Endpoint:

👉 Domain #4 — Hybrid Infrastructure



Jiadong Chen

Microsoft MVP, MCT | Azure Certified Solutions Architect & Cybersecurity Architect Expert | Member of .NET Foundation | Packt Author