Read what Tomer Teller, Principal Security PM Lead – Threat & Vulnerability Management at Microsoft, wrote about Microsoft’s partnership with XM Cyber.
“Our newest partner, XM Cyber, a breach and attack simulation and security posture management solution provider, integrates with Microsoft Defender ATP and threat and vulnerability management to help customers see how an attacker moves laterally and compromises critical assets. The platform leverages the new machine tagging capability to help customers tag their most critical assets and adds rich contextual information to enable customers to fully assess the risk of an attack and understand the steps needed for remediation. We’re working with additional partners to incorporate machine tagging and can’t wait to share these collaborations with you in the near future.”
The article was published on July 14, 2020 on Microsoft Tech Community, a platform that gathers nearly 500,000 members and 109 community hubs.
Detailed Information on Potential Attack Paths
The integration gives customers detailed information on potential attack paths that might result from a compromised system. XM Cyber supports the investigative process initiated by a customer once a breach is detected. Once suspicious activity is discovered with Microsoft Defender ATP, the XM Cyber Platform explores and identifies the potential impact. By clearly identifying critical assets, the platform assists customers in fully understanding the overall risk and exactly what steps are required for remediation.
“Microsoft Defender ATP devices are enriched with additional context from XM Cyber that enables you to understand how from that breach the adversary might have moved laterally, reached other systems, or compromised critical assets,” says Boaz Gorodissky, Co-Founder and CTO of XM Cyber. “The additional context uncovers the full extent of the issue allowing for better threat hunting and incident response activities.”