Microsoft introduced two new capabilities to its Defender safety instruments — risk intelligence and exterior assault floor administration.
With Microsoft Defender Risk Intelligence, safety groups may have further context, insights, and information to seek out attacker infrastructure and transfer to analyze and remediate quicker, the corporate mentioned in an announcement. Safety groups may have entry to real-time information from each Microsoft Defender and Microsoft Sentinel to proactively hunt for threats.
“Microsoft Defender Risk Intelligence maps the web day by day, offering safety groups with the required info to grasp adversaries, and their assault methods,” the corporate mentioned in its announcement of the brand new safety options. “Clients can entry a library of uncooked risk intelligence detailing adversaries by identify,
correlating their instruments, ways, procedures (TTPs), and might see lively updates throughout the portal as new info is distilled from Microsoft’s safety alerts and specialists.”
Microsoft’s Defender Exterior Assault Floor Administration helps defenders discover beforehand invisible and unmanaged sources that may be seen and attacked from the Web. The system scans the Web each day to create a catalog of the setting and uncover unmanaged sources that could possibly be potential entry factors for an attacker.
“Steady monitoring, with out the necessity for brokers or credentials, prioritizes new vulnerabilities,” the corporate defined in a submit on the Microsoft Risk Intelligence weblog. “With an entire view of the group, prospects can take really helpful steps to mitigate danger by bringing these unknown sources, endpoints, and property beneath safe administration inside their SIEM and XDR instruments.”