Tech giant Microsoft has announced two new security products that will provide deeper context into threat actor activity and help organisations lock down their infrastructure and reduce their overall attack surface.
The new products are Microsoft Defender Threat Intelligence and Microsoft Defender External Attack Surface Management.
“Microsoft tracks 35 ransomware families, and more than 250 unique nation-states, cybercriminals, and other threat actors. Our cloud also processes and analyses more than 43 trillion security signals every single day,” Vasu Jakkal Corporate Vice President, Security, Compliance, Identity, and Management, said in a blogpost on late Tuesday.
“This massive amount of intelligence derived from our platform and products gives us unique insights to help protect customers from the inside out,” it added.
With Microsoft Defender Threat Intelligence, security operations teams can uncover attacker infrastructure and accelerate investigation and remediation with more context, insights, and analysis than ever before.
While threat intelligence is already built into the real-time detections of our platform and security products like the Microsoft Defender family and Microsoft Sentinel, this new offering provides direct access to real-time data from Microsoft’s unmatched security signals.
Organisations can proactively hunt for threats more broadly in their environments, empower custom threat intelligence processes and investigations, and improve the performance of third-party security products.
The new Defender External Attack Surface Management allows security teams to discover unknown and unmanaged resources visible and accessible from the internet — essentially the same view an attacker has when selecting a target.