Microsoft says the new tools will give security teams an attacker's-eye view of their systems and supercharge their investigation and remediation efforts.
Microsoft announced two new capabilities to its Defender security tools — threat intelligence and external attack surface management.
With Microsoft Defender Threat Intelligence, security teams will have additional context, insights, and data to find attacker infrastructure and move to investigate and remediate faster, the company said in an announcement. Security teams will have access to real-time data from both Microsoft Defender and Microsoft Sentinel to proactively hunt for threats.
"Microsoft Defender Threat Intelligence maps the internet every day, providing security teams with the necessary information to understand adversaries, and their attack techniques," the company said in its announcement of the new security solutions. "Customers can access a library of raw threat intelligence detailing adversaries by name, correlating their tools, tactics, procedures (TTPs), and can see active updates within the portal as new information is distilled from Microsoft's security signals and experts."
Microsoft's Defender External Attack Surface Management helps defenders find previously invisible and unmanaged resources that can be seen and attacked from the Internet. The system scans the Internet daily to create a catalog of the environment and uncover unmanaged resources that could be potential entry points for an attacker.
"Continuous monitoring, without the need for agents or credentials, prioritizes new vulnerabilities," the company explained in a post on the Microsoft Threat Intelligence blog. "With a complete view of the organization, customers can take recommended steps to mitigate risk by bringing these unknown resources, endpoints, and assets under secure management within their SIEM and XDR tools."
About the Author(s)
You May Also Like
Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024