Microsoft increases security in Defender for Endpoint and can now detect unauthorized devices
Table of contents:
Microsoft continues to improve security in an application such as Microsoft Defender for Endpoint. A security platform built to help enterprise security managers prevent, detect, investigate, and respond to threats that now gives everyone the ability to discover unmanaged devices on a network
This is a functionality that was in the testing phase and now Microsoft has announced that reaches all users of the platform In this way, companies and organizations can detect if there are, for example, unauthorized connected phones or any unknown hardware on their network.
Always controlled devices
It was two months ago when Microsoft began testing a new series of functions. Enhancements coming to Microsoft Defender for Endpoint to give visibility into rogue devices connecting to a corporate network and thus prevent potential threats.
These unauthorized devices, such as mobile phones, tablets or any other hardware, pose a threat to the cybersecurity of an organization, since in many cases they are unprotected or out of date and are the first target of malicious attackers.
All of these capabilities, which were in the testing phase, arrive today for all Microsoft Defender for Endpoint users globally. And these are the new capabilities that it incorporates:
-
Discovery of endpoints and network devices connected to a corporate network: This enhancement gives Defender for Endpoint the ability to discover endpoints work, servers, and unmanaged mobile endpoints (Windows, Linux, macOS, iOS, and Android) that have not been onboarded and secured. In addition, network devices (for example: switches, routers, firewalls, WLAN controllers, VPN gateways, and others) can be discovered and added to the device inventory through periodic authenticated scans of pre-configured network devices.
-
Onboard discovered devices and secure them using built-in workflows: Once discovered, unmanaged network and endpoint devices connected to a network, they can be incorporated into Defender for Endpoint.
-
Review assessments and address threats and vulnerabilities on newly discovered devices—Once endpoints and vulnerabilities have been discovered network devices, assessments can be run using Defender for Endpoint's threat and vulnerability management capabilities. These security recommendations can be used to address device issues that help reduce an organization's exposure to threats and risk.
These new features are being rolled out globally and Microsoft for Endpoint users can check if they are active via a bannerappearing in the Endpoints section, Device Inventory>"
More information | Microsoft