Cybersecurity

Security: Microsoft tools for the change of perspective show the attacker’s point of view

Published

on

Two transparency tools expand Microsoft’s security tool portfolio. One screens the attackers, a second the Internet connections of the company devices.

 

Microsoft has announced two new security tools for companies. Microsoft Defender External Attack Surface Management provides the external view of the company’s devices, Microsoft Defender Threat Intelligence analyzes the attackers on the company networks. Both services are intended to provide customers with real-time access to the analyses.

External Attack Surface Management is intended to provide an overview of all Internet-connected devices in a company. This is particularly important in fast-growing companies, where you can quickly lose track of the entire internal IT. External Attack Surface Management’s complete analysis of the entire IT infrastructure also lists the agentless and non-human managed resources that are often overlooked.

The tool thus provides the same view of the corporate environment, including possible gateways, that potential attackers also find when looking for targets.

Microsoft Defender Threat Intelligence is intended to analyze attack patterns and the identities of attackers in real time and make the information available to the SecOps in companies. This is intended to support security teams in preventing attacks, but also in responding to incidents.

As an example, Microsoft cites attacks that are carried out with multiple devices, each with its own IP address. In such cases, it is difficult and time-consuming to reproduce the full attack yourself. With threat intelligence, the provider now wants to automatically disclose these processes with the help of AI and ML. Customers should also receive real-time access to Microsoft’s Security Signals threat library, which lists possible attackers by name with the tools and tactics they use.

The two new tools are to be available as standalone tools and are the result of Microsoft’s acquisition of the security software company RiskIQ last year, as the company writes in the blog post accompanying the announcement.

Leave a Reply

Your email address will not be published. Required fields are marked *

Trending

Exit mobile version