{"id":914,"date":"2024-11-19T15:38:44","date_gmt":"2024-11-19T15:38:44","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=914"},"modified":"2024-11-19T15:38:44","modified_gmt":"2024-11-19T15:38:44","slug":"at-ignite-microsoft-looks-to-genai-exposure-managment-and-new-bug-bounties-to-secure-enterprise-it","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=914","title":{"rendered":"At Ignite, Microsoft looks to genAI, exposure managment, and new bug bounties to secure enterprise IT"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

Microsoft announced a host of new security measures at its annual Ignite conference, with the goal of strengthening its existing data protection, endpoint security, and extended threat detection and response capabilities.<\/p>\n

Notable improvements include the introduction of a dedicated exposure management tool, an upgrade to insider risk management (IRM) tailored to GenAI usage, new data loss prevention<\/a> (DLP) features, and integration of genAI into Security Operations Center (SOC) processes.<\/p>\n

[ Related: Microsoft Ignite 2024 news and insights<\/a> ]<\/strong><\/p>\n

It also announced a new AI and cloud security bug bounty<\/a> program, Zero Day Quest, at the event.<\/p>\n

The new bug bounty program<\/h2>\n

\u201cLast year Microsoft awarded $16.6 million as part of our bug bounty programs to security researchers who reported vulnerabilities under coordinated vulnerability disclosure,\u201d said Tom Gallagher, VP of Engineering at Microsoft Security Response Centre. \u201cThis is more than anyone else in the industry. It is also important to note that Microsoft awards payments for vulnerability research, while many other companies require a working exploit to receive payment, which may involve multiple vulnerabilities and can require significantly more work.\u201d<\/p>\n

Zero Day Quest adds $4 million to that budget for research into AI and cloud flaws.<\/p>\n

That money may not go far with some bug bounty programs, like those from Apple and Zerodium, offering as much as $2 million for a single exploit. Researchers\u2019 submissions could also win them a place at an onsite hacking event in Redmond in 2025, Gallagher added.<\/p>\n

Moving from lists to graph protection<\/h2>\n

The company is also looking for ways to help enterprises secure their own systems with tools such as Microsoft Security Exposure Management, which is now generally available.<\/p>\n

This aims to transform security through graph-based posture management rather than list-based protection, mapping the changing relationships between underlying assets such as identities, credentials, permissions, files, devices, and other connections in enterprises.<\/p>\n

\u201cTraditional vulnerability management is no longer sufficient,\u201d said Brjann Brekkan, Microsoft\u2019s director of product marketing \u00a0for security posture and exposure management, in a statement shared with CSOonline. \u201cWhile patching every potential weakness might seem like a solution, it\u2019s neither practical nor effective. Instead, modern security strategies must focus on the exposures that are easiest for attackers to exploit, prioritizing vulnerabilities that present the greatest risk.\u201d<\/p>\n

Microsoft released a public preview of Security Exposure Management earlier this year and it has since been tried out by more than 70,000 Microsoft customers for protecting critical entities, according to Vasu Jakkal, the company\u2019s corporate vice president of Security.<\/p>\n

The key offerings of the suite include attack surface management, attack path analysis, and unified exposure insights. \u201cExposure Management helps security teams understand the true topography of their attack surface, enabling them to prevent or minimise threats more effectively,\u201d Jakkal added.<\/p>\n

Bringing genAI into the fold<\/h2>\n

Microsoft also revealed a number of advances in securing its customers\u2019 use of AI, most of them in Microsoft Security Copilot.<\/p>\n

New Copilot skills have been unlocked for IT admins in Microsoft Entra, an identity and access management (IAM) offering, and Microsoft Intune, an endpoint management solution.<\/p>\n

Security Copilot began life in April with a preview release for Intune alone, and has now been expanded to power Intune, the Intune Suite, and Windows Autopatch, where it offers IT workers AI-guided insights to help them respond to incidents.<\/p>\n

Now, the company said, it will also be embedded in Microsoft Entra portal, with new capabilities available directly inidentity admin workflows.<\/p>\n

Additionally, Microsoft unveiled new Copilot skills for data security and compliance teams in Microsoft Purview, and for security operations teams in Microsoft Defender.<\/p>\n

Microsoft Purview Insider Risk Management (IRM) will introduce usage indicators and policy templates designed to detect both intentional and unintentional insider risk activities involving generative AI applications that could pose potential risks to organizational security.<\/p>\n

Also available for public preview now, new capabilities in Purview include Data Loss Prevention (DLP) for Microsoft 365 Copilot for preventing oversharing of data in AI apps and detecting risky AI use.<\/p>\n

Lastly, Security Operations Centre (SOC) analysts are now provided with a Security Copilot integration for identifying and resolving potential security issues with insights on identity behavior and misconfigurations.<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Microsoft announced a host of new security measures at its annual Ignite conference, with the goal of strengthening its existing data protection, endpoint security, and extended threat detection and response capabilities. Notable improvements include the introduction of a dedicated exposure management tool, an upgrade to insider risk management (IRM) tailored to GenAI usage, new data […]<\/p>\n","protected":false},"author":0,"featured_media":895,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-914","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/914"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=914"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/914\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/895"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=914"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=914"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=914"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}