Microsoft has announced two new security services to enhance the threat intelligence capabilities of its Microsoft Defender platform. The new Defender Threat Intelligence and Defender External Attack Surface Management tools are a result of Microsoft’s acquisition of the cybersecurity company RiskIQ in July 2021.
First up, the Microsoft Defender Threat Intelligence (MDTI) service provides enterprise customers access to real-time threat intelligence data obtained from Microsoft’s security signals. It should help security teams to enhance their security strategies and proactively protect their infrastructure against online threats.
According to Microsoft, RiskIQ’s data provides an additional layer of security on top of its own security products such as Microsoft Defender and Microsoft Sentinel. The service also brings access to a library of raw threat intelligence from Microsoft’s security experts. These unique insights make it easier for organizations to find, remove, and block security issues within their environments.
“Organizations can proactively hunt for threats more broadly in their environments, empower custom threat intelligence processes and investigations, and improve the performance of third-party security products,” explained Vasu Jakkal, Microsoft’s CVP for Security, Compliance, Identity, and Management.
Additionally, the new Microsoft Defender external attack surface management service provides customers with a comprehensive view of their attack surface. It enables security teams to discover agentless and unmanaged internet-facing assets that could be vulnerable to cyber-attacks. The tool enables organizations to block potential attack vectors and mitigate risks.
“With a complete view of the organization, customers can take recommended steps to mitigate risk by bringing these unknown resources, endpoints, and assets under secure management within their security information and event management (SIEM) and extended detection and response (XDR) tools,” Jakkal added.
Microsoft has launched these new security solutions at a time when cyber attacks on businesses are on the rise. The company already has a solid collection of security solutions for addressing threats in multi-cloud and hybrid cloud environments, and the addition of these new tools should help customers to prevent sophisticated malware and ransomware attacks.