Microsoft announced two new offerings Tuesday built on last year's acquisition of RiskIQ: Defender External Attack Surface Management (EASM) and Defender Threat Intelligence.
RiskIQ is best known for its PassiveTotal ASM product. The experience behind PassiveTotal will fuel EASM, while researchers formally at RiskIQ, combined with Microsoft's own MSTIC and Defender 365 teams will staff the Threat Intelligence product.
"We're very excited here on both of those fronts, helping customers see the attack surface to an attacker with and making sure that all of the threat intelligence that Microsoft can bring to bear becomes the threat intelligence for organizations of all sizes," Rob Lefferts, Microsoft security engineering corporate vice president, told SC.
Both products are available now.
The chief advantage to Defender Threat Intelligence is the amount of information Microsoft can accrue across its massive customer base — approximately 43 trillion signals a day, said Lefferts. He added that footprint expanded far beyond Microsoft's own products and deep into multi-cloud environments.
"We did this pivot years ago around switching from protecting Microsoft products to protecting the customer's estate," he said. "It's thinking about not just protecting Azure, but also protecting customers who are using AWS and GCP because that's the world they're in."
Lefferts said Microsoft's expanding range of security offerings would allow for more deliberate and custom design.
"We think we can do more. We think we can bring these tools together. And we're incredibly excited about learning from how customers are actually applying these tools and building these direct design partnerships with customers," he said.
