
Microsoft unveils new threat intelligence and surface management solutions

New Microsoft Defender offerings aim to provide deeper insights into threat actors and their behaviours


Microsoft has announced two new key security products in the shape of Microsoft Defender Threat Intelligence and Microsoft Defender External Attack Surface Management. 

The new solutions have been designed to provide users with deeper context into threat actor activity, Microsoft said, which will help organizations lock down their infrastructure and reduce their overall attack surface.

The move marks the first time the Redmond giant has harnessed the technology from RiskIQ, the security software company it acquired for around $500 million last year.

“These new threat intelligence offerings expand our growing security portfolio, offer deeper insights into threat actors and their behaviors, and help security teams accelerate the identification and prioritization of risks,” commented Vasu Jakkal, Corporate Vice President of Security, Compliance, Identity, and Management at Microsoft.

With Microsoft Defender Threat Intelligence, users can uncover attacker infrastructure and accelerate remediation with deeper context, insights, and analysis. 

Direct access to real-time data from Microsoft’s security signals means organizations can proactively look for threats more broadly in their environments, boost custom threat intelligence processes, as well as improve the performance of third-party security products, Microsoft said.

It’s designed to map the internet daily, building a library of raw threat intelligence that details threats by name, and records their tools, tactics, and procedures (TTPs), plus updates from Microsoft’s security signals and experts.

The capability was created by bringing together the security research teams formerly at RiskIQ with Microsoft’s nation-state tracking team, the Microsoft Threat Intelligence Center (MSTIC), and the Microsoft 365 Defender security research teams.

“Microsoft recognizes the importance of working together as a security community to help protect the digital world from threats,” Jakkal continued. “As such, the existing free edition will continue to be available.”

The second solution – dubbed Microsoft Defender External Attack Surface Management – ultimately allows the user to see their business the way an attacker can. Security teams can uncover unknown and unmanaged resources that are visible and accessible from the internet, providing visibility of potential entry points for attackers.

The solution scans the internet and its connections daily, building a complete catalogue of a customer’s environment to identify internet-facing resources, and offers continuous monitoring that prioritizes new vulnerabilities.

“With a complete view of the organization, customers can take recommended steps to mitigate risk by bringing these unknown resources, endpoints, and assets under secure management within their security information and event management (SIEM) and extended detection and response (XDR) tools,” Jakkal added.

Microsoft also announced its Microsoft Sentinel solution for SAP, which it said will allow security teams to monitor, detect, and respond to SAP alerts from its cloud-native SIEM.
