Security News > 2023 > June > Microsoft says share the wealth with cyber-info for business

If enterprises are going to protect themselves in a threat environment that is constantly changing and evolving, they need a posture management strategy that not only takes in industry standards and best practices from vendors but also learns from recent attacks, according to Israel Cohen, senior product manager for Microsoft 365 Defender.

The software giant is therefore adding a capability to Microsoft 365 Defender that automatically maps techniques that were used in attacks against an organization, and then recommends what security pros can do to bolster their security posture and prevent a similar attack.

Microsoft 365 Defender researches and analyzes miscreants' techniques and maps them to the enterprise's security posture, with the information made available in a threat analytics report.

"For each threat, you'll be able to view a score that reflects the severity of misconfigurations the attacker exploited and the number of affected assets," Cohen wrote, adding that an enterprise's security team can "View the list of recommended posture controls directly from the recommended actions tab within the incident or threat analytics page in Microsoft 365 Defender."

Microsoft maintains a list of Intel Profiles of known threats that enterprise security analysts can use to identify adversaries and put the necessary defenses in place.

"In the new taxonomy, threat actor groups are named after weather events, which are universal forces we must all counteract and adapt to - just like cyber threats."

News URL

https://go.theregister.com/feed/www.theregister.com/2023/06/08/microsoft_defender_security_posture/