
Microsoft unveils new threat intelligence and surface management solutions

New Microsoft Defender offerings aim to provide deeper insights into threat actors and their behaviours


Microsoft has announced two new key security products in the shape of Microsoft Defender Threat Intelligence and Microsoft Defender External Attack Surface Management. 

The new solutions have been designed to provide users with deeper context into threat actor activity, Microsoft said, which will help organizations lock down their infrastructure and reduce their overall attack surface.

The move marks the first time the Redmond giant has harnessed the technology from RiskIQ, the security software company it acquired for around $500 million last year.

“These new threat intelligence offerings expand our growing security portfolio, offer deeper insights into threat actors and their behaviors, and help security teams accelerate the identification and prioritization of risks,” commented Vasu Jakkal, Corporate Vice President of Security, Compliance, Identity, and Management at Microsoft.

With Microsoft Defender Threat Intelligence, users can uncover attacker infrastructure and accelerate remediation with deeper context, insights, and analysis. 

Direct access to real-time data from Microsoft’s security signals means organizations can proactively look for threats more broadly in their environments, boost custom threat intelligence processes, as well as improve the performance of third-party security products, Microsoft said.

It’s designed to map the internet daily, building a library of raw threat intelligence that details threats by name, and records their tools, tactics, and procedures (TTPs), plus updates from Microsoft’s security signals and experts.

The capability brings together the security research teams formerly at RiskIQ with Microsoft’s nation-state tracking team, the Microsoft Threat Intelligence Center (MSTIC), and the Microsoft 365 Defender security research teams.

“Microsoft recognizes the importance of working together as a security community to help protect the digital world from threats,” Jakkal continued. “As such, the existing free edition will continue to be available.”

The second solution – dubbed Microsoft Defender External Attack Surface Management – ultimately allows the user to see their business the way an attacker can. Security teams can uncover unknown and unmanaged resources that are visible and accessible from the internet, providing visibility of potential entry points for attackers.

The solution scans the internet and its connections daily, building a complete catalogue of a customer’s environment to identify internet-facing resources, and offers continuous monitoring that prioritizes new vulnerabilities.

“With a complete view of the organization, customers can take recommended steps to mitigate risk by bringing these unknown resources, endpoints, and assets under secure management within their security information and event management (SIEM) and extended detection and response (XDR) tools,” Jakkal added.

Microsoft also announced its Microsoft Sentinel solution for SAP, which it said will allow security teams to monitor, detect, and respond to SAP alerts from its cloud-native SIEM.
