Microsoft announced two new security threat intelligence products Tuesday morning, the latest steps in a broader effort to help businesses proactively detect and prevent cyberattacks.
Built in part on Microsoft’s $500 million acquisition of RiskIQ last year, new Microsoft products have come as Google strives to complete its $5.4 billion acquisition of threat intelligence firm Mandiant. . Microsoft was apparently in license to acquire Mandiant before Google announced the deal in March.
It’s part of a flurry of industry activity in areas known as Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), which uses AI and human experts to fight against various cyber threats.
Microsoft is building a large security business, with annual revenue of $15 billion as of December. Security revenue rose 40% in the June quarter, Microsoft CEO Satya Nadella told analysts last week. during the company’s earnings conference call, without providing a dollar amount.
Last year, the company hired Charlie Bell, a longtime Amazon Web Services executive, to lead its new security, compliance, identity and management organization. Its products run on multiple clouds and platforms, including AWS and Google Cloud, in addition to Microsoft Azure and related cloud services.
One of Microsoft’s new products, Defender Threat Intelligence, gives customers “access to a library of raw threat intelligence that details adversaries by name, correlating their tools, tactics, and procedures,” with updates. regular update of Microsoft security data and experts. writes Vasu Jakkal, Microsoft corporate vice president for security, compliance, identity, and management.
The approach “lifts the veil on attacker and threat family behavior and helps security teams find, remove, and block adversary tools hidden within their organization,” Jakkal added.
Microsoft’s other new product, Defender External Attack Surface Management, scans the Internet to identify a company’s online assets and potential vulnerabilities.
“Many companies have internet assets that they may not know about or have simply forgotten about,” Jakkal writes. “These are often created by shadow IT, mergers and acquisitions, incomplete catalog, business partner exposure, or simply rapid business growth. »
After delivering a string of cybersecurity companies last year, Microsoft ditched its buying spree in June with a deal to acquire Miburo, a threat analytics and research company. Microsoft announced three managed security services in May.