RSA news: What's new in Defender XDR?
Microsoft Defender XDR keeps on innovating to fight against ever-changing cyber threats which have the potential to cripple organizations. The new features include AI-powered disruption of SaaS attacks, native support for Data Security & Operational Technology (OT), and end-to-end protection in the unified security operations platform. AI-powered disruption has expanded to disrupt attacks that include malicious OAuth apps. With the AI-powered disruption of SaaS attacks, Defender XDR will now disable the compromised OAuth app to stop the attacker from further misuse, which is a prominent attack vector for adversaries. Defender XDR now includes native protection for Operational Technology (OT) and Industrial Control Systems (ICS), while the O T security is integrated into XDR along with new insider risk management insights from Microsoft Purview. Moreover, new features benefit both Microsoft Sentinel & Defender XDR customers like unified custom detections, automation rules, and more, as well as new in-browser protection using Microsoft Edge to protect access to SaaS apps.
Published on:
Learn moreRelated posts
Microsoft Purview compliance portal: Insider Risk Management – Adaptive Protection – Enhancements to insider risk level settings
Microsoft Purview compliance portal has introduced a new feature in their Insider Risk Management tool named "Adaptive Protection," which allo...
Microsoft Copilot (Microsoft 365): Insider Risk Management – Microsoft Purview capabilities in Copilot for Security
This article explores how Microsoft Purview capabilities in Copilot can be used for insider risk management, providing security teams with unp...
Microsoft Purview compliance portal: Insider Risk Management – Adaptive Protection in Gov Cloud
Microsoft Purview now offers Adaptive Protection in Government clouds, enabling the dynamic assignment of appropriate Data Loss Prevention pol...
Microsoft Defender for Office 365: Create Simulations with Attack Simulation Training Graph API
The Attack Simulation Training Graph APIs introduced by Microsoft Defender for Office 365 offer enhanced control and flexibility for creating ...
Microsoft Defender for Office 365: Attack Simulation Training for GCCH
Microsoft 365 Defender for Office is introducing attack simulation and training (AST), an intelligent tool aimed at reducing the risk of cyber...
Microsoft Purview compliance portal: Insider Risk Management – Microsoft Information Protection (MIP) ML Classifier support
The Microsoft Purview compliance portal now has Insider Risk Management support for Microsoft Information Protection (MIP) ML Classifier. This...
Microsoft Purview compliance portal: Insider Risk Management – Microsoft Information Protection (MIP) ML Classifier support
Microsoft Purview Insider Risk Management is a powerful tool that enables companies to detect potential insider risks such as IP theft, data l...
Automatic disruption of Ransomware and BEC attacks with Microsoft 365 Defender
The ever-growing volume of advanced cybersecurity attacks challenges even the most advanced Security Operations (SOC) teams. Image 1 shows a t...
Microsoft Purview | Insider Risk Management: Enhancements to detection and triage
The latest update to Microsoft Purview Insider Risk Management brings several enhancements to its security detection and triage experiences. A...
Securing Operational Technology (OT)
Operational Technology (OT) security is a critical topic, and in this episode, Elizabeth Stephens shares invaluable insights on safeguarding O...