Microsoft Defender can now show you exactly where your business might get hacked

Microsoft unveils new security tools for businesses worried about attack

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Microsoftwants to solve one of the biggest cybersecurity problems for today’s enterprises - vulnerableendpointsflying under the security radar.

The company has announced Microsoft Defender External Attack Surface Management, which looks to give IT teams a better view of their organization’s attack surface, including internet-exposed resources that could be harnessed in an attack.

Under the assumption that IT teams are quite capable of managing their own infrastructure, Microsoft is placing the emphasis on devices coming into the network following a merger or acquisition, devices becoming vulnerable with the use of shadow IT, problems with cataloging the entire tech stack, etc.

Finding unmanaged resources

The tool works by scanning internet connections and cataloging the company’s tech environment.

“The new Defender External Attack Surface Management gives security teams the ability to discover unknown and unmanaged resources that are visible and accessible from the internet – essentially, the same view an attacker has when selecting a target,” Microsoft Corporate VP for Security, Vasu Jakkal, said in the announcementblog post.

“Defender External Attack Surface Management helps customers discover unmanaged resources that could be potential entry points for an attacker.”

By keeping a close eye on the connections, and monitoring potentially unguarded endpoints, the tool helps IT teams view their assets through the eyes of a potential attacker.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

API monitoring: taking visibility to the next level>How to protect yourself and your data online by reducing visibility>Remove viruses and ransomware with the best malware protection services around

“Continuous monitoring, without the need for agents or credentials, prioritizes new vulnerabilities,” Jakkal added. “With a complete view of the organization, customers can take recommended steps to mitigate risk by bringing these unknown resources, endpoints, and assets under secure management within their SIEM and XDR tools.”

Microsoft Defender External Attack Surface Management aside, the company also announced Microsoft Defender Threat Intelligence, a support tool for SecOps teams.

The tool is designed to help SecOps identify threat actor infrastructure, thus speeding up analysis and countermeasures. Through Microsoft Defender Threat Intelligence, SecOps will gain access to real-time data from Microsoft’s 43 trillion daily security signals, the company concluded.

The signals are raw threat intelligence information, which includes threat actor names, tools, and tactics.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics