Microsoft Adds Two New Security Products To Its Defender Suite

The giant software company sees its threat intelligence and EASM solutions helping channel players - not competing with channel players, a top executive says.

Microsoft has debuted new threat intelligence and attack surface management software as the company expands its suite of ‘Defender’ security products available to channel players and customers.

The increasing number of cyber-threats confronting organizations require robust attempts to gather intelligence about potential attacks before they happen and to assess the vulnerabilities of companies, said Vasu Jakkal, Microsoft’s corporate vice president of security, compliance, identity, and management, In a blog post.

As a result, the giant Redmond, Wash.-based software company is now releasing Microsoft Defender Threat Intelligence and Microsoft Defender External Attack Surface Management.

Microsoft Defender Threat Intelligence provides real-time threat intelligence, updated daily, and delivers “actionable insights to security teams about threat actors and their infrastructure,” Microsoft said in a statement.

Meanwhile, the new Microsoft Defender External Attack Surface Management (EASM) gives security teams the ability to see their systems’ safeguards and potential vulnerabilities from the vantage point of attackers – and in the process identify “potential entry points for an attacker,” according to the company.

“These new threat intelligence offerings expand our growing security portfolio, offer deeper insights into threat actors and their behaviors, and help security teams accelerate the identification and prioritization of risks,” Jakkal wrote in his blog post.

In all, Microsoft now has about ten security offerings within its Microsoft Defender suite.

Rob Lefferts, corporate vice president of modern protection and SOC at Microsoft, said in an interview with CRN that the latest Defender offerings largely come from the technologies Microsoft obtained last year when it purchased RiskIQ, a San Francisco-based attack surface management firm that also provided threat intelligence.

“They brought some unique things to the table,” Lefferts said of RiskIQ’s capabilities, adding that Microsoft was eager to integrate RiskIQ’s products into the Defender offerings.

In May, Microsoft created some concern within channel circles when it announced it was offering three expanded services under a new category called Microsoft Security Experts. The idea behind Experts: Provide customers with more human interaction and intervention when it comes to their security needs.

Lefferts at the time acknowledged that offering security expert services, as opposed to security software products, could cause friction between Microsoft and channel partners offering similar services—and he indicated Microsoft was willing to make future adjustments to its Experts program moving forward.

But Lefferts said he sees no competitive friction with channel players regarding its new threat intelligence and EASM products.

“I think these will help partners,” he said, noting channel players can either buy the Defender products for themselves or to resell them to customers. “It gives them more visibility in the market,” he said.

He added that the new threat intelligence and EASM products are aimed at helping “sophisticated users” dealing with all kinds of cyber-threats.

Lefferts didn’t rule out Microsoft adding more products to its Defender line-up, but indicated nothing is imminent.

“We’re always excited about new ways to help security teams,” he said.