Microsoft, a prominent player in the tech industry, has recently introduced a new addition to its security offerings – Microsoft Security Exposure Management. This new program, which falls under the category of continuous threat exposure management (CTEM), was unveiled at the Microsoft Ignite conference held this week.
CTEM, as defined by security experts, is a proactive and unified approach to identifying and mitigating threats within an organization. According to Gartner, companies that adopt CTEM strategies are projected to experience a significant reduction in breaches by the year 2026.
Tyler Shields, a principal analyst at Enterprise Strategy Group, likened exposure management to the next phase of vulnerability management. He emphasized the importance of continuous asset discovery, threat analysis, and vulnerability detection in ensuring a secure environment for organizations.
Initially introduced as a technical preview in March, Microsoft’s Security Exposure Management is now accessible through the Microsoft Defender portal. It is included with E5 licenses and is available as an option for various Microsoft 365 licenses.
With the release of Security Exposure Management, Microsoft aims to provide defenders with a comprehensive view of their organization’s attack surfaces. This proactive approach enables security teams to anticipate and prevent potential threats more effectively.
Vasu Jakkal, Microsoft’s corporate VP for compliance and identity management, highlighted the critical role of exposure management in helping security teams understand their organization’s posture and identify potential attack paths to vital assets. By leveraging exposure graph APIs, Microsoft’s tool can pinpoint vulnerabilities and assess attack paths within an organization.
The introduction of Microsoft’s Security Exposure Management is expected to have a significant impact on the competitive landscape in the exposure management market. Analysts predict that Microsoft’s entry will challenge established players like Cisco/Splunk, CrowdStrike, and Palo Alto Networks Rapid7, among others.
By offering customers a variety of licensing options to access exposure management insights, Microsoft aims to democratize the use of its security tools. Erik Nost, a senior analyst at Forrester, noted that Microsoft’s unique advantage lies in its ability to leverage existing customer data without relying on third-party sources.
Furthermore, Microsoft plans to integrate its exposure management solution with external third-party tools such as Qualys, Rapid7, and Tenable. This ecosystem of external connections will enable customers to gather data from a diverse range of sources and enhance their threat visibility.
The use of Microsoft exposure management tools enables organizations to identify critical assets, evaluate internet exposure, and gain valuable insights from business applications. By visualizing data through tools like the Attack Map and utilizing advanced hunting queries via KQL, customers can effectively analyze potential threats.
In summary, Microsoft’s foray into the exposure management space is poised to disrupt the market and offer organizations a comprehensive solution for threat detection and mitigation. With its integrated approach and ecosystem of external connections, Microsoft aims to empower security teams to proactively protect their assets and data from evolving cyber threats. It will be interesting to see how organizations leverage Microsoft’s offering to enhance their exposure management strategies in the future.