Multi-Tenant Security Using Microsoft Defender XDR

• Microsoft Defender XDR helps security teams monitor and analyze Microsoft 365 services, including across tenancies.
• It can help hunt for security incidents and evaluate vulnerabilities across multiple tenancies to ensure the organization is promptly addressing them. 
• Cross-tenant security is becoming increasingly important, and Microsoft is centralizing on Defender XDR as its security and incident portal.
• The portal is a central point for analysis and monitoring, but not management.

The Microsoft Defender XDR portal supports security teams and partners accessing multiple tenancies of Microsoft 365 security services, allowing them to work with tenancies in aggregate or individually. Defender XDR (eXtended Detection and Response) helps with comprehensive oversight, incident management, and incident hunting; however, there are limitations. It is not intended to manage the individual tenant level security services where it gathers the alerts and incidents. As a result, administrators still need to consult portals for the individual Microsoft security services to perform deeper deployment, management, or incident remediation. Enough multi-tenant capabilities are in place that partners and organizations with complex architectures may find more efficiency and effective hunting with the Defender XDR portal.