Microsoft introduced two new features to its Defender safety gear — danger intelligence and exterior assault floor control.
With Microsoft Defender Risk Intelligence, safety groups may have further context, insights, and knowledge to seek out attacker infrastructure and transfer to analyze and remediate quicker, the corporate mentioned in a press release. Safety groups may have get right of entry to to real-time information from each Microsoft Defender and Microsoft Sentinel to proactively hunt for threats.
“Microsoft Defender Risk Intelligence maps the web on a daily basis, offering safety groups with the essential data to grasp adversaries, and their assault tactics,” the corporate mentioned in its announcement of the brand new safety answers. “Shoppers can get right of entry to a library of uncooked danger intelligence detailing adversaries via identify,
correlating their gear, techniques, procedures (TTPs), and will see energetic updates throughout the portal as new data is distilled from Microsoft’s safety alerts and mavens.”
Microsoft’s Defender Exterior Assault Floor Control is helping defenders in finding in the past invisible and unmanaged assets that may be observed and attacked from the Web. The gadget scans the Web day-to-day to create a catalog of our environment and discover unmanaged assets which may be doable access issues for an attacker.
“Steady tracking, with out the desire for brokers or credentials, prioritizes new vulnerabilities,” the corporate defined in a submit at the Microsoft Risk Intelligence weblog. “With a whole view of the group, shoppers can take really helpful steps to mitigate possibility via bringing those unknown assets, endpoints, and property below protected control inside of their SIEM and XDR gear.”