Microsoft rolls out Protection to kitty critical accounts

Microsoft has launched Office 365 priority protection for accounts of high-profile employees such as executive-level managers who are most often targeted by threat actors.

The new feature was added to MS defender ATP which provides enterprise accounts with email threat protection from advanced threats including business email compromise and credential phishing, as well as automated remediation of detected attacks.

ADPriority Account Protection enables an organization’s security team to provide critical accounts with custom-tailored protection measures to block targeted attacks such as phishing that could lead to severe security breaches due to their access to highly sensitive company data.

It allows prioritizing alerts and threat investigations involving an organization’s most targeted or visible executive-level users.

Priority account tags

Enterprise security teams can also identify attacks targeting critical Office 365 accounts easier and quickly switch their efforts to campaign investigations involving C-suite users.

“These Priority account tags and filters will surface throughout the product, including in alerts, Threat Explorer, Campaign Views, and reports,” Microsoft previously said last month, when the feature was still in development.

Customers are required to have Defender for Office 365 Plan 2 subscriptions to get access to this new feature, including those with Office 365 E5, Microsoft 365 E5, or Microsoft 365 E5 Security.

Priority account alert

Microsoft has also announced the general availability of Office 365 Consent Phishing, including OAuth app publisher verification and app consent policies.

Redmond is also planning to add SMTP Strict Transport Security to secure Office 365 customers’ email communication integrity and security starting next month.

Once launched,MTA-STS support will help protect users’ Exchange Online emails against email interception and downgrade or man-in-the-middle attacks.

Tenable new feature for enhanced protection

Network security company Tenable Inc. today announced a number of new features, including new cloud scanning capabilities and measurement features designed to provide improved cloud security .

Frictionless Assessment offers what Tenable says is a new approach to vulnerability management for modern assets. The service leverages native technologies deployed as part of the cloud asset to assess instances continuously for vulnerabilities. Designed to harness the benefits of cloud-first environments without vulnerability management programs that require period scans or agent-based approaches, the new service allows customers to evaluate cloud assets without interruption, quickly detecting new vulnerabilities as their environment changes without intervention.

Initially launching on Amazon Web Services Inc., Frictionless Assessment uses AWS Systems Manager Run Command to maintain, update and reassess cloud instances without interruption, achieving and maintaining what Tenable says is accurate visibility into cybersecurity risks across all cloud-based assets.

Tenable Lumin, Tenable’s cyber exposure visualization, analytics and measurement solution, is also getting a number of upgrades designed to allow organizations to predict which vulnerabilities pose the greatest risk to their business. Using machine learning, the enhanced version of Lumin allows security teams to also measure how quickly and efficiently they remediate vulnerabilities.

The updated version of Tenable Lumin has several parts, starting with remediation maturity to help security teams not only measure their speed and efficiency of remediating vulnerabilities but also compare them to external peers and Tenable best practices. Remediation maturity is available to existing Lumin customers now.

A new mitigations function is designed to evaluate a security team’s response to critical risks when timely remediation isn’t possible. It provides an inventory of endpoint security controls for a more complete and accurate picture of an organization’s cyber exposure. That capability will be available in the fourth quarter.

Predictive scoring, also available in the fourth quarter, is said to deliver more accurate and comprehensive insight into an organization’s overall cyber exposure. The method infers the exposure scores of groups of assets before they have been assessed in detail.