Microsoft announced Microsoft Defender Remote Attack Surface Management, which aims to give IT teams a better view of their organization’s attack surface, including the resources exposed to the Internet that could be exploited in an attack. Assuming IT teams are capable enough to manage their own infrastructure, Microsoft focuses on devices that enter the network as a result of a merger or acquisition — devices that become vulnerable through the use of shadow IT. pile etc.
Vasu Jakkal, Microsoft’s corporate vice president of security, said in the blog post of the announcement:
The new Defender External Attack Surface Management gives security teams the ability to discover unknown and unattended resources that are visible and accessible from the web – essentially the same view an attacker has when selecting a target, Defender External Attack Surface Management helps customers avoid unattended attacks. discover assets that are potential entry points for an attacker.
By monitoring connections and monitoring potentially unsecured endpoints, the tool helps IT teams see their assets through the eyes of a potential attacker.
Furthermore, Jakkal added:
Continuous monitoring, without the need for agents or credentials, prioritizes new vulnerabilities. With a comprehensive view of the organization, customers can take recommended actions to mitigate risk by securely managing these unknown assets, endpoints, and assets within their SIEM and XDR tools.
Aside from Microsoft Defender External Attack Surface Management, the company has also announced Microsoft® Defender Threat Intelligencea support tool for SecOps teams.
Source: Lega Nerd
