Security News > 2022 > August > Defend your network with Microsoft outside-in security services

Instead of thinking about lists of devices, databases, servers and other assets, you can get better defenses by looking at your inventory from the outside in, the way an attacker would, thinking about what security weaknesses your assets have, what they're connected to and what would be exposed if they were compromised.

"We need to help security teams and defenders of all kinds change the game in how they think about what attackers are doing. How do we think the way that attackers do, and how can we look at our own organizations the way that an attacker would see them?".

Microsoft Defender Threat Intelligence brings together all the different data sets you need to check out a domain, host or IP address that you think may be compromised, complete with metrics to help you know what you should worry about, as well as information about attack groups, malware and vulnerabilities.

Figure A. Helping security teams understand what attackers are out there and what their objectives and techniques are helps them better defend their systems, Lefferts suggests.

Figure D. Sometimes the reason an asset is exposed to attackers is because it was misconfigured, but often it's the pace of business and the pressure of the pandemic accelerating the trend to use cloud services faster than security teams can cope, Dixon explains.

"We've developed so much technology and so much capability not even just within security organizational behavior becomes really complicated. Tools like EASM help us build those graphs that connect it together and really help those large organizations function in a way that doesn't let the attacker slip through the cracks, which is exactly the problem today."

News URL

https://www.techrepublic.com/article/defend-network-micosoft-security/