Recent Discussions
Microsoft Defender EASM should be part of Microsoft Defender XDR
Microsoft Defender EASM should be part of Microsoft Defender XDR. Microsoft Defender EASM should not work as one of the service in Microsoft Azure. It should be part of Exposure management in Microsoft Defender XDR. Already Microsoft is trying to consolidate its Security/Defender platforms in to one platform Microsoft Defender XDR. So at the same time why creating new portal for this?
Microsoft Secure score not updating after implementation of Attack Surface Reduction
<p>Hello everyone,</p> <p>I wanted to share that we have successfully implemented <strong>Attack Surface Reduction (ASR)</strong> rules across our endpoint devices as part of our ongoing security hardening efforts. These configurations are actively deployed and enforced through Intune ASR to help mitigate common attack vectors like Office macro abuse, executable content from email/web, and other high-risk behaviors.</p> <p>However, we’ve noticed that despite this implementation, some ASR-related recommendations are still appearing in Microsoft Secure Score. This can occur due to delays in telemetry updates, device reporting issues, or Secure Score metrics not immediately reflecting policy enforcement across all endpoints.</p> <p>We are currently reviewing the underlying data and device reporting to ensure full visibility and alignment with Secure Score.</p>
Analytic rules for Microsoft Sentinel based on MS EASM
Hi, I just imported EASM data to Sentinel, so we can create some analytic rules based on EASM data. I'm now thinking on which use cases are interesting to create alerts. Anyone has already followed this path and has some experience of what kind of alerts make sense based on EASM data? Thanks
Recent Blogs
- Announcing availability of Defender EASM prompting capabilities in the Copilot for Azure chat pane.May 21, 2024
- Announcing new and enhanced Defender EASM integrationsMar 13, 2024
