Analysts need more information about assets where Microsoft Defender for Endpoint has identified an issue.
Integrating XM Cyber with Microsoft Defender for Endpoint (MDE) gives customers detailed information on potential attack paths that might result from a compromised system. By clearly identifying critical assets, the platform assists customers in fully understanding the potential impact of a breach and exactly what steps are required for remediation.
The combined capability improves visibility and lowers risk, helping customers prioritize security resources and focus on protecting their most critical assets.
The XM Cyber Attack-Centric Exposure Prioritization Platform (ACEPP) continuously identifies new exposures and attack vectors, prioritizes the cyber risks that affect business-sensitive systems, and provides context-sensitive remediation options. It also allows security and IT operations teams to achieve a higher security posture and greater operational efficiency by focusing on and remediating the cyber risks that allow attackers to breach business-sensitive systems.
Working together, XM Cyber and Microsoft Defender for Endpoint (MDE) give customers the ability to respond rapidly, thanks to a deeper understanding of the risks to critical business systems, laser-focused prioritization of exposures, and context-sensitive, least-effort remediation reporting.
Better Together – XM Cyber and Microsoft Defender for Endpoint
Breach Points and Critical Assets are Easily Identified
The XM Cyber Platform helps users of Microsoft Defender for Endpoint to identify and tag their most critical assets.
Choke Point Identification Reduces Risk
XM Cyber identifies assets on the network that can affect other assets. The more links an asset has to other assets, the greater the risk and the higher its remediation priority must be.
The rich, contextual information that XM Cyber adds to remediation prioritization tells customers whether they need to investigate more deeply or assign higher attention and priority when it comes to reducing risk.
Improved Investigative Process
Once suspicious activity is discovered with Microsoft Defender for Endpoint, the XM Cyber Platform explores and identifies the potential impact.
Weighted Scoring Based on Asset Criticality
In combination with threat and vulnerability management, machine tagging is used to incorporate the risk appetite of an individual asset into the exposure score calculation.
Validate the Importance of Defender Alerts
Run attack scenarios using specific assets identified by MDE to evaluate the risk and potential impact a breach might have on the entire network.