Microsoft introduced two new capabilities to its Defender safety instruments — risk intelligence and exterior assault floor administration.
With Microsoft Defender Menace Intelligence, safety groups could have further context, insights, and knowledge to seek out attacker infrastructure and transfer to research and remediate quicker, the corporate mentioned in an announcement. Safety groups could have entry to real-time knowledge from each Microsoft Defender and Microsoft Sentinel to proactively hunt for threats.
“Microsoft Defender Menace Intelligence maps the web each day, offering safety groups with the required data to know adversaries, and their assault strategies,” the corporate mentioned in its announcement of the brand new safety options. “Clients can entry a library of uncooked risk intelligence detailing adversaries by identify,
correlating their instruments, techniques, procedures (TTPs), and might see energetic updates throughout the portal as new data is distilled from Microsoft’s safety alerts and specialists.”
Microsoft’s Defender Exterior Assault Floor Administration helps defenders discover beforehand invisible and unmanaged assets that may be seen and attacked from the Web. The system scans the Web each day to create a catalog of the surroundings and uncover unmanaged assets that could possibly be potential entry factors for an attacker.
“Steady monitoring, with out the necessity for brokers or credentials, prioritizes new vulnerabilities,” the corporate defined in a submit on the Microsoft Menace Intelligence weblog. “With a whole view of the group, clients can take really useful steps to mitigate danger by bringing these unknown assets, endpoints, and property beneath safe administration inside their SIEM and XDR instruments.”