Microsoft have added more new products to the Defender family – “Microsoft Defender Threat Intelligence” and “Microsoft Defender External Attack Surface Management” – and have brought out an SAP add-on for Microsoft Sentinel.
Microsoft Defender Threat Intelligence
This new offering, incorporating what was RiskIQ, effectively “maps the internet” and gives customers direct access to Microsoft’s real-time data and security signals; this enables organisations to “proactively hunt” for threats within their environment.
Microsoft Defender External Attack Surface Management
This helps organisations identify all their internet-facing resources – including those they're not aware of and/or have forgotten about. It’s so easy to lose track of external-facing devices with COVID changes, mergers, good old shadow IT, and the potential for misconfigured assets around the business.
Being able to see a continuously updated map of potentially vulnerable assets will be key for organisations looking to protect themselves, their assets, and their users.
Microsoft Sentinel for SAP
They have announced an SAP-specific add-on for Microsoft Sentinel that will:
Monitor all system layers
Detect & respond to threats
Enable customisation to extend protection
According to Microsoft, it will integrate with “virtually any” NetWeaver system. It launched in August 2022 and is free for the first 6 months. After that it will be an add-on charge to the regular Sentinel pricing.
During their Ignite 2021 conference, Microsoft announced a range of name changes across their security portfolio – these are:
Microsoft Cloud App Security (MCAS) –> Microsoft Defender for Cloud Apps
Azure Security Center + Azure Defender –> Microsoft Defender for Cloud
Azure Defender for IoT –> Microsoft Defender for IoT
Azure Defender for Storage –> Microsoft Defender for Storage
These are, I believe, all the changes but there may be some other “Azure –> Microsoft” changes that have taken place!
Whenever products change names, there’s the potential for confusion among partners and customers. While many of these are fairly straightforward, I can definitely see people getting confused between “Microsoft Defender for Cloud” and “Microsoft Defender for Cloud Apps” 😂