In August this year, Microsoft announced innovative solutions for attack surface management and threat intelligence.
Microsoft Defender Threat Intelligence
Nowadays, any device connected to the net is vulnerable to attack. Therefore, understanding the technical and susceptibility gaps is essential to mitigate the vulnerability.
Defender Threat Intelligence is made in such a way that it maps the internet on a day-to-day basis. The daily mapping enables security experts to receive critical information to understand probable attack techniques.
Customers can easily access a threat intelligence library that details adversaries and attack techniques.
READ MORE: Russian Attack Aftermath: The U.S Is Taking Proactive Measures to Defend Intrusion
So, in other words, defender threat intelligence uncovers the attackers besides the threat family behavior. As a result, it becomes an easy task to find, prevent and delete adversary tools within an enterprise.
The security research team involved in the process has leveraged their technical expertise learned from the Microsoft Threat Intelligence Center and RisklQ along with the 365 Defender Security research team.
READ MORE: Threat Modelling, the Latest Focus in Enterprise Security
Microsoft Defender External Attack Surface Management
This product from Microsoft carries out scanning of the internet along with its connections on a day-to-day basis. As a result, a comprehensive catalog of the customer’s environment is made. Internet-facing resources are identified. This applies to both unmanaged and agentless assets. Constant observation is present, and as a result, it is possible to prioritize the latest vulnerabilities.
In other words, this innovative tool from Microsoft enables security teams to identify unmanaged and unknown resources. This applies to both accessible and visible resources from the internet.