Monitor adversaries and enhance posture with Microsoft risk intelligence options | Azure Weblog and Updates


Immediately, we’re thrilled to announce two new safety merchandise pushed by our acquisition of RiskIQ simply over one yr in the past that ship on our imaginative and prescient to offer deeper context into risk actors and assist clients lock down their infrastructure.

Monitor risk actor exercise and patterns with Microsoft Defender Risk Intelligence

This new product helps safety operations groups uncover attacker infrastructure and speed up investigation and remediation with extra context, insights, and evaluation than ever earlier than. Whereas risk intelligence is already constructed into the true time detections of our platform and safety merchandise like Microsoft Sentinel, clients additionally want direct entry to real-time knowledge and Microsoft’s unmatched sign to proactively hunt for threats throughout their environments.

For instance, adversaries usually run their assaults from many machines, with distinctive IP addresses. Tracing the actor behind an assault and monitoring down their complete toolkit is difficult and time-consuming. Utilizing built-in AI and machine studying, Defender Risk Intelligence uncovers the attacker or risk household and the weather of their malicious infrastructure. Armed with this info, safety groups can then discover and take away adversary instruments inside their group and block their future use in instruments like Microsoft Sentinel, serving to to forestall future assaults.

See your corporation the way in which an attacker can with Microsoft Defender Exterior Assault Floor Administration

The brand new Defender Exterior Assault Floor Administration offers safety groups the flexibility to find unknown and unmanaged sources which can be seen and accessible from the web—primarily the identical view an attacker has when choosing their goal. Defender Exterior Assault Floor Administration helps clients uncover unmanaged sources that may very well be potential entry factors for an attacker.

Microsoft Defender Exterior Assault Floor Administration scans the web and its connections each day. This builds a whole catalogue of a buyer’s setting, discovering internet-facing sources, even the agentless and unmanaged property. Steady monitoring, with out the necessity for brokers or credentials, prioritizes new vulnerabilities. With this entire view of the group, clients can take really helpful steps to mitigate threat by bringing these sources underneath safe administration inside instruments like Microsoft Defender for Cloud.

Learn the total risk intelligence announcement and to study extra about how Microsoft Defender Risk Intelligence and Microsoft Sentinel work collectively, learn the Tech Communities weblog.

Moreover, within the spirit of steady innovation and bringing as a lot of the digital setting underneath safe administration as doable, we’re proud to announce the brand new Microsoft Sentinel answer for SAP. Safety groups can now monitor, detect, and reply to SAP alerts all from our cloud-native SIEM, Microsoft SIEM.

To study extra about these merchandise and to see dwell demos, go to us at Black Hat USA, Microsoft Sales space 2340. It’s also possible to register now for the Cease Ransomware with Microsoft Safety digital occasion on September 15, 2022, to observe in-depth demos of the newest risk intelligence expertise.


Please enter your comment!
Please enter your name here