Netography Fusion Expands Microsoft Integrations for Greater Context Enrichment and Faster Compromise Detection

We've got great news for companies that have deployed Microsoft security products in their tech stack - the Netography Fusion® Network Defense Platform now ingests context from Microsoft Defender for Endpoint product and the Microsoft Defender XDR platform.
Fusion customers can now add critical context from the market share leader for endpoint security and their Microsoft-managed identities, email, and apps to enrich the metadata our NDP ingests from across their networks.
These new integrations build on our existing integration with Microsoft Azure to ingest enriched metadata from cloud workloads.
Context from your tech stack is a critical component of the unique value the Fusion platform delivers to SecOps and NetOps teams.
The Fusion platform uses context to transform the metadata in your network from a table of IP addresses, ports, and protocols into enriched metadata that provides context-rich descriptions of the activities of your users, applications, and devices.
Enriched metadata accelerates your ability to detect compromise activity that other security controls in your stack have missed, such as anomalous lateral movement and data exfiltration.
It reduces the time required to respond to any anomalies by delivering detailed, actionable alerts that include the context attributes of the devices involved in the activity.
Integration with these Microsoft products is significant because of their widespread deployment in enterprise networks and the ease with which you'll be able to ingest attributes to enrich your understanding of anomalous activity in your network.
The Microsoft Defender for Endpoint integration ingests context attributes from Defender-managed devices across your enterprise.
There are over 20 device and user context attributes currently collected, including many values created by the Defender endpoint automatically.
Devices managed by Microsoft Defender for Endpoint Emails processed by Microsoft 365 Authentication events, domain controller activities, and cloud application activities monitored by Microsoft Defender for Identity and Microsoft Defender for Cloud Apps.
Taken together, these integrations significantly increase the amount of actionable data Fusion will be able to generate.
By combining the Microsoft-generated context with the enriched metadata from the other sources in your network, your SOC and NOC teams will have the confidence they need to know that a device, user account, or application has been compromised without conducting additional investigation.
Fusion starts with aggregating and normalizing metadata from your multi-cloud and on-prem network, including cloud flow logs from all five major cloud providers.
Fusion then enriches this metadata with context contained in applications and services in your existing tech stack, including asset management, CMDB, EDR, NDR, XDR, and vulnerability management systems.
The context can include dozens of attributes, including asset risk, environment, last known user, region, risk score, security workgroup, type of entity, and vulnerability count.
The result is a unified view of activity across your hybrid multi-cloud and on-prem network, including IT, OT, and IoT environments, without the need to deploy sensors, network taps, agents, or decryption architectures.
The Fusion platform puts all the relevant information your SecOps and NetOps teams need at their fingertips.
Fusion's customizable dashboards and Netography Detection Models your teams can monitor activity by any combination of attributes.
This is a Security Bloggers Network syndicated blog from Netography authored by Patrick Bedwell.


This Cyber News was published on securityboulevard.com. Publication date: Thu, 04 Jan 2024 19:43:04 +0000


Cyber News related to Netography Fusion Expands Microsoft Integrations for Greater Context Enrichment and Faster Compromise Detection

Netography Fusion Expands Microsoft Integrations for Greater Context Enrichment and Faster Compromise Detection - We've got great news for companies that have deployed Microsoft security products in their tech stack - the Netography Fusion® Network Defense Platform now ingests context from Microsoft Defender for Endpoint product and the Microsoft Defender XDR ...
11 months ago Securityboulevard.com
How Sekoia.io empowers cybersecurity with 170+ integrations - To enable this flexibility and streamline security operations, Sekoia.io adheres to a technology-agnostic approach and offers integrations with 170+ tools and third-party platforms. We enable building a holistic approach to threat detection and ...
11 months ago Blog.sekoia.io
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
1 year ago Microsoft.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
A primer on storage anomaly detection - Anomaly detection plays an increasingly important role in data and storage management, as admins seek to improve security of systems. In response to these developments, more vendors incorporate storage anomaly detection capabilities into their ...
1 year ago Techtarget.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com
PRODUCT REVIEW: ENEA QOSMOS THREAT DETECTION SDK - The Qosmos Threat Detection Software Development Kit is Enea's innovative solution to the demand for more robust, adaptable, and high-performance network threat detection platforms. ADVANCED THREAT DETECTION WITH SUPERIOR TRAFFIC VISIBILITY. ...
11 months ago Cybersecurity-insiders.com
Why It's More Important Than Ever to Align to The MITRE ATT&CK Framework - These missed attacks often stem from either hidden gaps in detection coverage - or due to alerts that got buried in a sea of noisy alerts and were never even pursued by the Security Operations Center team. In other words, we need to be able to report ...
1 year ago Cyberdefensemagazine.com
NIST NVD Disruption Sees CVE Enrichment on Hold - Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database, the world's most widely used software vulnerability database. Tom Pace, CEO of firmware security provider ...
9 months ago Infosecurity-magazine.com
Microsoft Copilot for Security: General Availability details - To help you seize this opportunity, we are excited to announce the general availability of Microsoft Copilot for Security on April 1st. This industry-leading product is the only generative AI solution that helps security and IT professionals amplify ...
9 months ago Techcommunity.microsoft.com
How to Build a SOAR Playbook: Start with the Artifacts - Security Boulevard - Artifacts are data elements relevant to your security incidents, such as device IDs, user IDs, IP addresses, file hashes, and process names. By focusing on commands that interact with your key artifacts, you streamline your playbook, making it more ...
2 months ago Securityboulevard.com
New Microsoft Incident Response guides help security teams analyze suspicious activity - Today Microsoft Incident Response are proud to introduce two one-page guides to help security teams investigate suspicious activity in Microsoft 365 and Microsoft Entra. These guides contain the artifacts that Microsoft Incident Response hunts for ...
11 months ago Microsoft.com
Expanding Reach and Reducing Costs: Cato Enhances Capabilities with Latest Third-Party Integrations - This surge is evident not only in its adoption by organizations of all sizes but also in the increasing number of requests from third-party vendors eager to integrate SASE into their software solutions. This is where Cato API comes into play, ...
1 year ago Itsecurityguru.org
Expanding Reach and Reducing Costs: Cato Enhances Capabilities with Latest Third-Party Integrations - This surge is evident not only in its adoption by organizations of all sizes but also in the increasing number of requests from third-party vendors eager to integrate SASE into their software solutions. This is where Cato API comes into play, ...
1 year ago Itsecurityguru.org
ESET Launches New Managed Detection and Response Service for Small and Midsize Businesses - PRESS RELEASE. BRATISLAVA/SAN DIEGO - January 17, 2024 - ESET, a global leader in cybersecurity, has announced the launch of ESET MDR, an innovative solution aimed at addressing the evolving cybersecurity challenges faced by SMBs. This new offering ...
11 months ago Darkreading.com
How to Build a Phishing Playbook Part 2: Wireframing - Welcome back to our series on automating phishing investigation and response with playbooks in Smart SOAR. This is a four-part series covering preparation, wireframing, development, and testing. Wireframing workflows is an excellent step in-between ...
11 months ago Securityboulevard.com
How to manage a migration to Microsoft Entra ID - Microsoft Entra ID, formerly Azure Active Directory, is not a direct replacement for on-premises Active Directory due to feature gaps and alternative ways to perform similar identity and access management tasks. For some organizations, a move to ...
11 months ago Techtarget.com
MixMode platform enhancements boost threat detection and response - This release gives customers greater visibility into their digital attack surface, improved investigation capabilities, and increased customization options. Alert enrichment enhancements: MixMode's alert enrichments have been significantly enhanced ...
1 year ago Helpnetsecurity.com
The Importance of Incident Response for SaaS - The importance of a thorough incident response strategy cannot be understated as organizations prepare to identify, investigate, and resolve threats as effectively as possible. Most security veterans are already well aware of this fact, and their ...
1 year ago Securityboulevard.com
CISA orders agencies impacted by Microsoft hack to mitigate risks - CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. It requires them to investigate potentially ...
8 months ago Bleepingcomputer.com
Vectra AI Launches Global, 24x7 Open MXDR Service Built to Defend Against Hybrid Attacks - PRESS RELEASE. San Jose, Calif. - February 15, 2024 - Vectra AI, Inc., the leader in hybrid attack detection, investigation and response, today announced the launch of Vectra MXDR services, the industry's first global, 24x7 open MXDR service built to ...
10 months ago Darkreading.com
Salt Security Delivers API Posture Governance Engine - PRESS RELEASE. PALO ALTO, Calif., Jan. 17, 2024 /PRNewswire/ - Salt Security, the leading API security company, today announced multiple advancements in discovery, posture management and AI-based threat protection to the industry leading Salt ...
11 months ago Darkreading.com
6 Best Intrusion Detection & Prevention Systems for 2024 Reviewed - Intrusion detection systems and intrusion prevention systems - often combined as intrusion detection and prevention - play a key role in network security defenses. IDPS products often have features like log analysis, alerts, and threat remediation to ...
10 months ago Esecurityplanet.com
Quorum Cyber Joins Elite Microsoft FastTrack-Ready Partner Group - PRESS RELEASE. Edinburgh, United Kingdom - February 15, 2024 - Quorum Cyber, a leading cybersecurity firm with operations in the UK and the U.S., today announced its designation as a Microsoft FastTrack-ready partner. This designation complements the ...
10 months ago Darkreading.com
How to Enrich Data for Fraud Reduction, Risk Management and Mitigation in BFSI - To stay ahead of these challenges, organizations are increasingly relying on data products to enrich their data and enhance their fraud reduction and risk management strategies. The Data Revolution in BFSI. Data is the lifeblood of the BFSI sector. ...
10 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)