Microsoft announced two new security threat intelligence products Tuesday morning, the latest steps in a broader effort to help businesses proactively detect and prevent cyberattacks.
Built in part on Microsoft’s $500 million acquisition of RiskIQ last year, new Microsoft products have come as Google strives to complete its $5.4 billion acquisition of threat intelligence firm Mandiant. . Microsoft was apparently in the running to acquire Mandiant before Google announced the deal in March.
It’s part of a flurry of industry activity in the areas known as Security Information and Event Management (SIEM) and Extended Detection and Response (XDR), which use AI and human experts to fight against various cyber threats.
Microsoft is building a large security business, with annual revenue of $15 billion as of December. Security revenue rose 40% in the June quarter, Microsoft CEO Satya Nadella told analysts last week. during the company’s earnings conference call, without providing a dollar amount.
Last year, the company hired Charlie Bell, a longtime Amazon Web Services executive, to lead its new security, compliance, identity and management organization. Its products run on multiple clouds and platforms, including AWS and Google Cloud, in addition to Microsoft Azure and related cloud services.
One of Microsoft’s new products, Defender Threat Intelligence, gives customers “access to a library of raw threat intelligence detailing adversaries by name, correlating their tools, tactics, and procedures,” with updates. regular updates from security data and experts from Microsoft. writes Vasu Jakkal, Microsoft corporate vice president for security, compliance, identity, and management.
The approach “lifts the veil on attacker and threat family behavior and helps security teams find, remove, and block adversary tools hidden within their organization,” Jakkal added.
Microsoft’s other new product, Defender External Attack Surface Management, scans the Internet to identify a company’s online assets and potential vulnerabilities.
“Many companies have internet assets that they may not be aware of or have simply forgotten about,” Jakkal wrote. “These are often created by shadow IT, mergers and acquisitions, incomplete cataloging, business partner exposure, or simply rapid business growth. »
After absorbing a string of cybersecurity firms last year, Microsoft continued its buying spree in June with a deal to acquire Miburo, a threat analytics and research company. Microsoft announced three managed security services in May.