A Design Collaboration with Microsoft

No Stone Left Unturned

About 4 years ago, Critical Start received multiple requests to support Microsoft Defender for Endpoint from customers pursuing an E5 license agreement. Since the development of that initial integration, we’ve continued to expand our service offerings while Microsoft has expanded its product portfolio – allowing us to leverage Microsoft Sentinel, and the rest of the Defender suite – to deliver our world-class managed detection and response (MDR) solution. Even though we built relationships across the Microsoft team with product managers, engineers, and executives, our feature releases had always been reactionary to new Microsoft capabilities. This design collaboration has changed that…

In the fall of 2021, we received an outreach from Microsoft regarding the expansion of their Microsoft Security Experts services who invited us to participate in a “design collaboration”, wherein Microsoft would proactively share their thoughts around the coming service and solicit feedback and input from a select group of service partners. While not entirely sure what this entailed, Critical Start has always placed an emphasis on aligning with our Alliance Partners to drive features that allow us to deliver more value to our customers, so we were in.

Our kickoff meeting provided clarity around the goal and intent of the program, as well as the reason for alignment. Microsoft acknowledged that while they were developing services to help combat the uptick in cybercrime, integration with partners that would provide more tailored and specialized services was absolutely necessary for the protection of our technological lifestyle.

Formal meetings were held twice monthly with leads from Critical Start’s development and product teams, and teams of engineers from Microsoft, including the Corporate Vice President of Engineering for Microsoft, Rob Lefferts. Through these formal meetings, and the countless email threads and smaller meetings between, Microsoft sought to not only understand the service we provided and how, but also what they could do to increase the value of our services through additional features, functionality, and alignment with their new Microsoft Security Experts offering.

“Microsoft worked with Critical Start in the design process because of their expert use of the capabilities inside Microsoft 365 Defender to deliver their managed detection and response service. The input and feedback provided was instrumental in the development of a solution that will dramatically improve the security of our mutual customers.” Andrew Conway, Vice President, Security Marketing at Microsoft.

These meetings culminated in a Microsoft Engineering “Hackathon”, tasking their teams with solving the problems laid during our feedback and input sessions. After a couple of weeks, our next meeting would outline their proposed solutions, and solutions they had. While I can’t go into the details of the solutions, I can say that nothing was off-limits, and no stone was left unturned. Looking at everything from new APIs to data schemas, the Microsoft Team appeared to take a “from-scratch” approach, and created our requests out of new-cloth, instead of tinkering and tweaking existing code to shoe-horn in something “good enough”. Also, in-scope were processes and procedures for both procurement and collaboration to allow customers to easily consume a wholistic service.

When Microsoft first entered the realm of enterprise security, I think there was universal skepticism from the security community. However, with customer and partner focus driving their leadership and investment, it’s not hard to see why Microsoft is now among the elite cybersecurity companies.

For more information on Microsoft Security Experts, read Microsoft’s full announcement.