Microsoft New Security Audit Tool

Microsoft’s new security tool for auditing external attack surfaces gives security teams the ability to discover unknown and unmanaged resources that are visible and accessible from the internet, basically the same view an attacker has when selecting a target.

‘The new Defender External Attack Surface Management’ facilitates customers to determine unmanaged resources that could be possible entry points for an attacker.

Microsoft Defender External Attack Surface Management

Most essentially, Microsoft Defender External Attack Surface Management examines the internet and its connections every day. This helps to find out the internet-facing resources, even the agentless or credentials, and unmanaged assets.

“With a complete view of the organization, customers can take recommended steps to mitigate risk by bringing these unknown resources, endpoints, and assets under secure management within their security information and event management (SIEM) and extended detection and response (XDR) tools”, Vasu Jakkal Microsoft Corporate Vice President.

Microsoft Defender External Attack Surface Management summary page featuring Attack Surface Summary and Attack Surface Priorities.

This new product helps to sustain a dynamic inventory of external resources across multiple clouds and hybrid environments. It determines the exposed weakness by prioritizing them and misconfigurations hidden in unmanaged resources then bringing the resources under management to remove those exposures.

https://img-prod-cms-rt-microsoft-com.akamaized.net/cms/api/am/imageFileData/RE52H3Q?ver=764f&q=90&m=2&h=2147483647&w=2147483647&b=%23FFFFFFFF&aim=true

Microsoft mention to integrate security information and event management (SIEM) and extended detection and response (XDR) to increase efficiency and effectiveness while securing your digital estate.

Microsoft also releases Microsoft Defender Threat Intelligence, another security product that will provide security operations (SecOps) teams with the threat intelligence needed to determine attacker infrastructure and speed up attack investigations and remediation efforts.“The volume, scale, and depth of intelligence are designed to empower security operations centers (SOCs) to understand the specific threats their organization faces and to harden their security posture accordingly”, saysVasu Jakkal.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates.