Immediately, we’re thrilled to announce two new safety merchandise pushed by our acquisition of RiskIQ simply over one 12 months in the past that ship on our imaginative and prescient to offer deeper context into menace actors and assist prospects lock down their infrastructure.
Observe menace actor exercise and patterns with Microsoft Defender Risk Intelligence
This new product helps safety operations groups uncover attacker infrastructure and speed up investigation and remediation with extra context, insights, and evaluation than ever earlier than. Whereas menace intelligence is already constructed into the actual time detections of our platform and safety merchandise like Microsoft Sentinel, prospects additionally want direct entry to real-time information and Microsoft’s unmatched sign to proactively hunt for threats throughout their environments.
For instance, adversaries usually run their assaults from many machines, with distinctive IP addresses. Tracing the actor behind an assault and monitoring down their whole toolkit is difficult and time-consuming. Utilizing built-in AI and machine studying, Defender Risk Intelligence uncovers the attacker or menace household and the weather of their malicious infrastructure. Armed with this data, safety groups can then discover and take away adversary instruments inside their group and block their future use in instruments like Microsoft Sentinel, serving to to stop future assaults.
See your corporation the way in which an attacker can with Microsoft Defender Exterior Assault Floor Administration
The brand new Defender Exterior Assault Floor Administration offers safety groups the power to find unknown and unmanaged assets which might be seen and accessible from the web—basically the identical view an attacker has when choosing their goal. Defender Exterior Assault Floor Administration helps prospects uncover unmanaged assets that might be potential entry factors for an attacker.
Microsoft Defender Exterior Assault Floor Administration scans the web and its connections every single day. This builds a whole catalogue of a buyer’s setting, discovering internet-facing assets, even the agentless and unmanaged belongings. Steady monitoring, with out the necessity for brokers or credentials, prioritizes new vulnerabilities. With this whole view of the group, prospects can take beneficial steps to mitigate threat by bringing these assets underneath safe administration inside instruments like Microsoft Defender for Cloud.
Learn the complete menace intelligence announcement and to study extra about how Microsoft Defender Risk Intelligence and Microsoft Sentinel work collectively, learn the Tech Communities weblog.
Moreover, within the spirit of steady innovation and bringing as a lot of the digital setting underneath safe administration as potential, we’re proud to announce the brand new Microsoft Sentinel answer for SAP. Safety groups can now monitor, detect, and reply to SAP alerts all from our cloud-native SIEM, Microsoft SIEM.
To study extra about these merchandise and to see stay demos, go to us at Black Hat USA, Microsoft Sales space 2340. You may as well register now for the Cease Ransomware with Microsoft Safety digital occasion on September 15, 2022, to observe in-depth demos of the newest menace intelligence know-how.
