Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More

Trustwave's 2024 Financial Services Threat Reports Highlight Alarming Trends in Insider Threats & Phishing-as-a-Service. Learn More

Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

Identity, Endpoints, and the Cloud Drive the Microsoft Security Product E5 Decision

For companies with the Microsoft 365 E3 license, the decision on whether to upgrade to 365 E5 is likely taken into consideration, and security should certainly be included. With E5, companies will likely find security upgrades in three key areas: identity management, endpoints, and cloud.

So says David Broggy, Trustwave's Senior Solutions Architect, Implementation Services, and a 2024 recipient of the Microsoft MVP Award, in a recent webinar on transitioning from Microsoft E3 to E5. "You get basic features with E3, but the E5 gives you a lot more options," he says. In fact, E5 includes at least 30 additional Microsoft Security products as compared to E3, according to a detailed Microsoft comparison chart.

Trustwave is a Microsoft Security Partner, so folks like Broggy have a long history with Microsoft Security products, and he has plenty of advice on what to focus on in terms of making the most out of an investment in the Microsoft 365 E5 license.

 

Identity and Access Management

E5 protections begin with identity, including authenticating users as they log in. Microsoft Entra (the former Active Directory) includes some valuable risk detection features, Broggy notes.

"They're monitoring users' activities and looking for high-risk activity," he says. "And there's some machine learning in the backend that detects anomalies."

E5 also supports conditional access, which can mean granting users access to sensitive resources when they're on-site but not via public Wi-Fi from a coffee shop, for example.

Another valuable feature is access reviews, an Entra ID feature that enables organizations to manage group memberships and roles. Access reviews make it easier to ensure only authorized users can access various resources.

With the E5 license, users also get access to a security agent that enables them to implement Global Secure Access, Microsoft's zero-trust network access implementation. GSA "simplifies access policy management and enables access orchestration for employees, business partners, and digital workloads. You can continuously monitor and adjust user access in real-time if permissions or risk level changes," according to Microsoft.

In practice, GSA enables identity protection even for applications that don't have it natively, Broggy says.

 

Microsoft Offers Advanced Endpoint Protection

The E5 license also gives users significant endpoint security features and applications, including Defender for Endpoint and Defender for Servers.

"Getting endpoint protection on all your endpoints, servers, and workstations is a really big deal," Broggy says. "That means you have security across the board, whether it's on-prem or in the cloud, for those devices."

Additionally, the Defender applications provide visibility into other connected devices on the network that may not be secure.

"The applications that are running, all the web traffic coming from those machines going out to the internet, you see all of that," he says. "Now you can protect not just the endpoint but also the applications users are using and understand all the associated vulnerabilities."

 

Microsoft Cloud Security Offerings

Microsoft Defender for Cloud Apps is a cloud access security broker that ensures such protection extends to web applications, including software-as-a-service (SaaS) apps. This helps identify any risky web apps, Broggy says. "It also helps you identify shadow IT," he notes, which are SaaS applications that individual business units may have installed without informing IT.

Another similarly named application, Defender for Cloud, is a cloud security posture management tool that monitors your cloud infrastructure.

"Defender for Cloud is watching everything, every single resource in the cloud, and automatically providing security advisories and concerns," Broggy says. He notes users can set up alerts based on their risk tolerances and policies.

 

Expert Help with Microsoft Security Solutions

If all this sounds like a lot to bite off, it may well be. Broggy says training is required to understand all the ins and outs of the Microsoft Security product suite. That's why Trustwave has developed a series of offerings to help clients extract full value from their Microsoft Security investments.

The offerings include "accelerators" that provide roadmaps for implementing Microsoft Security products, expert consulting services, and managed services, including MXDR for Microsoft, which is an extended threat detection, hunting, investigation, and response service that integrates with Microsoft Sentinel and the Microsoft Defender XDR suite.

There's significant value in the Microsoft security products included with the E5 license. To learn more, check out the entire series of Trustwave webinars, "Unlocking the Power of Microsoft Security."

ABOUT TRUSTWAVE

Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.

Latest Intelligence

Discover how our specialists can tailor a security program to fit the needs of
your organization.

Request a Demo