Microsoft today unveiled two new security products, Microsoft Defender Threat Intelligence and Microsoft Defender External Attack Surface Management which are designed to provide organisations with a wider insight into security threat operation, as well as to assist them in locking down their infrastructure and reducing their general attack surface.
About Microsoft Defender Threat Intelligence
Microsoft is utilising RiskIQ’s technology in Defender Threat Intelligence to map the internet every day, providing the security teams with the information they need to better understand rivals and their attack techniques.
The service also offers users a library of raw threat intelligence and analysis from Microsoft’s security experts, which should assist security teams in locating, removing, and blocking adversary tools that may be hidden within their organisation. Furthermore, this intelligence also improves the detection capabilities of Microsoft Sentinel and the whole Microsoft Defender products.
What is Microsoft Defender External Attack Surface Management?
The role of Microsoft Defender External Attack Surface Management is to scan the internet and its connections every day and create a complete catalogue of an organization’s background by discovering internet-facing resources, including agentless and unmanaged assets. This service assists these security teams in comprehending how a potential attacker perceives their network
Moreover, this comprehensive view of the organisation enables businesses to take recommended risk-mitigation steps and secure these unknown resources, endpoints, and assets within their security information and event management (SIEM) and extended detection and response tools.
To better understand the nature of multiple cyber threats, Microsoft is constantly gathering signal and threat intelligence across the digital estate to track threat actors far more closely. To learn more about Microsoft’s latest threat intelligence offerings, you can visit Microsoft Security’s website.