San Jose, CA. August 22, 2023 – Forescout, a global cybersecurity leader, has announced its integrations with Microsoft Sentinel as part of its broader initiative to support the Microsoft Security portfolio. This collaboration aims to provide real-time visibility, threat management, and incident response across various endpoints, including campus, datacenter, remote workers, cloud, mobile, IoT, OT, and IoMT.
The increasing severity, sophistication, and frequency of cyberattacks have highlighted the inadequacy of many organizations’ current cybersecurity frameworks and tools. Understaffed security operations centers (SOCs), a proliferation of unmanaged devices, and newly discovered vulnerabilities on legacy systems have further complicated and intensified the risk and likelihood of a breach. To make matters worse, security teams are frequently overwhelmed by false positives, missed threats, and a lack of proper response prioritization.
Forescout addresses these challenges by providing enterprises with continuous identification and classification of every connected asset, including IT, OT, IoT, and IoMT endpoints, whether they are managed or unmanaged. The platform enables automated enforcement of appropriate security and compliance measures, reducing the overall risk.
Barry Mainz, CEO of Forescout, expressed pride in joining the Microsoft Intelligent Security Association (MISA) through the integration with Microsoft Sentinel. He emphasized that this collaboration allows Forescout to offer a comprehensive and holistic approach to cybersecurity. Mainz highlighted the importance of understanding network risks, mitigating cyber-attacks, and responding rapidly and accurately when necessary.
Microsoft Sentinel plays a crucial role in improving the signal-to-noise ratio for security teams. By providing automated intelligence, Sentinel significantly enhances daily operations.
The comprehensive integration between Forescout and Microsoft Sentinel, along with their longstanding touchpoints to Microsoft’s Enterprise suite of solutions, empowers joint customers with real-time device context, risk insights, and automated mitigation and remediation capabilities. This integration leads to improved security response times for incidents and events, removing complexity from the incident response process. Forescout’s automation and AI-driven decision-making enable rapid contextual decision-making to enhance security or mitigate cyber incidents.
The key benefits of the Forescout integration with Microsoft include faster mean time to respond (MTTR), comprehensive real-time asset discovery and inventory, asset lifecycle management, and automated threat management. These features enable orchestration of host-based remediation through Microsoft Defender and network-based response via Forescout, providing a streamlined mean time to respond for the SOC. Additionally, the integration offers a holistic 360-degree view of enterprise environments, providing valuable device context such as network location, risk exposure, device identity, and taxonomy.
Automated compliance assessment and enforcement, vulnerability identification, quarantine capabilities, and network segmentation policies are also key features of the integration, promoting asset lifecycle management. Lastly, real-time risk assessment, device hardening, least-privilege network connectivity, and automated detection and quarantine controls enable the implementation of a true Zero Trust architecture.
Rob Lefferts, Corporate Vice President of Modern Protection and SOC at Microsoft, expressed enthusiasm for partnering with Forescout. Lefferts highlighted the unified and accelerated threat detection and response capabilities of Microsoft Sentinel and the value of collaborating with partners like Forescout to create innovative content for users.
Forescout solutions that are integrated with Microsoft Sentinel are now available for customers.
About Forescout:
Forescout Technologies, Inc. is a global cybersecurity leader that provides identification, protection, and compliance assurance for all managed and unmanaged connected cyber assets, including IT, IoT, IoMT, and OT. For over 20 years, Fortune 100 organizations and government agencies have relied on Forescout for vendor-agnostic, automated cybersecurity at scale. The Forescout Platform offers comprehensive capabilities for network security, risk and exposure management, and extended detection and response. Through seamless context sharing and workflow orchestration with ecosystem partners, Forescout enables effective cyber risk management and threat mitigation for its customers.