Forum Widgets
Latest Discussions
New Blog Post | Why is Defender EASM Discovery important?
Full blog post:Why is Defender EASM Discovery important? - Microsoft Community Hub The Defender External Attack Surface Management (Defender EASM) Discovery is an integral part of the external attack surface management process. Organizations often struggle to keep up with demanding business requests and create additional infrastructure not under their IT compliance. COVID increased pressure on organizations to allow employees to work from home and make rapid changes to new or existing infrastructure. How can you get an accurate picture of your risk with all these changes happening? How could you know where your attack surface is vulnerable? Defender EASM Discovery is the answer. Original Post:New Blog Post | Why is Defender EASM Discovery important? - Microsoft Community HubNew Blog Post | Identify Digital Assets Vulnerable to Subdomain Takeover
Read the full blog post:Identify Digital Assets Vulnerable to Subdomain Takeover - Microsoft Community Hub Subdomain takeover vulnerabilities are, in most cases, the result of an organization using an external service and letting it expire. However, that expired subdomain is still a part of the organization's external attack surface, with domain DNS entries pointing to it. An attacker could then claim this subdomain and take control of it with little to no effort, a considerable blow to an organization's security posture. How does this happen? For example, a company might enlist a service desk provider, "FreshDesk.' It would point a subdomain like "support.mycompany.com" to FreshDesk and then claim this domain with the Freshdesk service to activate it. However, a problem arises when the organization abandons the service because they migrate to other services or for some other reason. Meanwhile, after the service agreement expires, the subdomain remains pointing to the FreshDesk platform. While this might not seem bad initially, the risk of allowing attackers to execute scripts under the subdomain enables them to obtain data from the main website. The risk becomes even more significant when this scenario involves a service that handles PPI, PHI, or trade secrets. Microsoft Defender External Attack Surface Management continuously maps the external-facing resources across your organization's attack surface to identify, classify, and prioritize risks, including subdomain expiration and takeover.
New Blog Post | Data Connectors for Azure Log Analytics and Data Explorer Now in Public Preview
Data Connectors for Azure Log Analytics and Data Explorer Now in Public Preview - Microsoft Community Hub The Microsoft Defender EASM (Defender EASM) team is excited to share that new Data Connectors for Azure Log Analytics and Azure Data Explorer are now available in public preview. Defender EASM continuously discovers an incredible amount of up-to-the-minute Attack Surface Data, so connecting and automating this data flow to all our customers’ mission-critical systems that keep their organizations secure is essential. The new Data Connectors for Log Analytics and Azure Data Explorer can easilyaugment existing workflows by automating recurring exports of all asset inventory data and the set of potential security issues flagged as insights to specified destinations to keep other tools continually updated with the latest findings from Defender EASM.New Blog Post | Latest Engineering Semester Enables Tighter Integrations, Ease of Use
Full blog post:Latest Engineering Semester Enables Tighter Integrations, Ease of Use - Microsoft Community Hub The launch ofMicrosoft Defender External Attack Surface Management (Defender EASM)was part of Microsoft's ongoing vision to provide unmatched threat intelligence capabilities. We've continued to innovate, introducing impactful new features that drive value for our customers through simplicity and integrations that enhance the products and workflows security teams already use via Defender EASM data. Our latest build includes a REST API to let customers manage their attack surface at scale, a billable assets dashboard to help users more efficiently track their usage, and integration with Microsoft Defender for Cloud to help them understand how and why a digital asset is vulnerable. The team has also introduced enhancements such as dark mode and improvements to discovery and inventory capabilities.This blog will cover what's new in MDEASM and how it can help improve your security posture by bringing unknown resources, endpoints, and assets under secure management.
