New Microsoft products – Defender Threat Intelligence, External Attack Defender, & Sentinel for SAP


Photo by Susanne Jutzeler, suju-foto on Pexels.com

Microsoft have added more new products to the Defender family – “Microsoft Defender Threat Intelligence” and “Microsoft Defender External Attack Surface Management” – and have brought out an SAP add-on for Microsoft Sentinel.

Microsoft Defender Threat Intelligence

This new offering, incorporating what was RiskIQ, effectively “maps the internet” and gives customers direct access to Microsoft’s real-time data and security signals; this enables organisations to “proactively hunt” for threats within their environment.

https://www.microsoft.com/en-us/security/business/siem-and-xdr/microsoft-defender-threat-intelligence?rtc=1

Microsoft Defender External Attack Surface Management

This helps organisations identify all their internet facing resources – including those you’re not aware of and/or have forgotten about. It’s so easy to lose track of your external facing devices with COVID changes, mergers, good old shadow IT, and the potential for mis-configured assets around the business.

https://www.microsoft.com/en-us/security/business/cloud-security/microsoft-defender-external-attack-surface-management?rtc=1

Being able to see a continuously updated map of potentially vulnerable assets will be key for organisations looking to protect themselves, their assets, and their users.

Microsoft Sentinel for SAP

They have announced an SAP specific add-on for Microsoft Sentinel that will:

  • Monitor all system layers
  • Detect & respond to threats
  • Enable customisation to extend protection

According to Microsoft it will integrate with “virtually any” NetWeaver system. It launched in August 2022 and is free for the first 6 months. After that it will be an add-on charge to the regular Sentinel pricing.

Further Reading

Threat Intelligence

External Attack Surface Management

Sentinel for SAP

Microsoft security name changes – November 2021


Photo by Nothing Ahead on Pexels.com

During their Ignite 2021 conference, Microsoft announced a range of name changes across their security portfolio – these are:

Old nameNew name
Microsoft Cloud App Security (MCAS)Microsoft Defender for Cloud Apps
Azure Security Center + Azure Defender Microsoft Defender for Cloud
Azure Defender for IoTMicrosoft Defender for IoT
Azure Defender for StorageMicrosoft Defender for Storage
Azure Sentinel Microsoft Sentinel

These are, I believe, all the changes but there may be some other “Azure –> Microsoft” changes that have taken place!

Whenever products change names, there’s the potential for confusion among partners and customers. While many of these are fairly straightforward, I can definitely see people getting confused between “Microsoft Defender for Cloud” and “Microsoft Defender for Cloud Apps” 😂

%d bloggers like this: