|
| 1 | +--- |
| 2 | +title: Review security initiatives in Microsoft Security Exposure Management |
| 3 | +description: Learn how to work with security Initiatives in Microsoft Security Exposure Management. |
| 4 | +ms.author: dlanger |
| 5 | +author: dlanger |
| 6 | +manager: rayne-wiselman |
| 7 | +ms.topic: overview |
| 8 | +ms.service: exposure-management |
| 9 | +ms.date: 10/09/2024 |
| 10 | +--- |
| 11 | + |
| 12 | +# Security Initiatives |
| 13 | + |
| 14 | +## Business Email Compromise - Financial fraud |
| 15 | + |
| 16 | +Business email compromise (BEC) financial fraud is a social engineering attack that aims to steal money or sensitive information. The attacker tricks the target into believing they are interacting with a trusted entity to conduct either personal or professional business. After deceiving the target, the attacker persuades them to share valuable information or process a payment. |
| 17 | + |
| 18 | +## CIS M365 Foundations Benchmark |
| 19 | + |
| 20 | +The CIS Microsoft 365 Foundations Benchmark (v3.0.0) is a set of security assessments developed by the Center for Internet Security (CIS). It provides prescriptive guidance for establishing a secure baseline configuration for Microsoft 365. The benchmark includes configuration baselines and best practices for securely configuring a system. The benchmark is internationally recognized as a security standard for defending IT systems and data against cyber attacks. This initiative contains a subset of security assessments recommended by the CIS |
| 21 | + |
| 22 | +## Cloud Security [Preview] |
| 23 | + |
| 24 | +This initiative aims to reflects the status around cloud security coverage, ROI, health, configuration and performance. It consists of measurements across multiple domains and disciplines to provide security managers with a high-level view into how posture is enforced in cloud ops. |
| 25 | + |
| 26 | +## Critical Asset Protection [Preview] |
| 27 | + |
| 28 | +Critical asset protection refers to the strategies, processes, and technologies implemented to safeguard an organization's most valuable and important assets from various threats and risks. It involves identifying, prioritizing, and applying targeted security measures to ensure the resilience and integrity of these critical assets. |
| 29 | + |
| 30 | +## Cryptographic Assessment |
| 31 | + |
| 32 | +The Cryptographic Assessment initiative involves discovering and managing cryptographic assets inside your organization to ensure cryptographic risk management, post quantum safety and cryptographic agility. It addresses the complexity of cryptography dispersed throughout IT architectures, embedded into various components across your organization. |
| 33 | + |
| 34 | +Endpoint Security |
| 35 | + |
| 36 | +Monitor the coverage and configuration of physical and virtual workstations, servers and mobile phones. |
| 37 | + |
| 38 | +## Enterprise IoT Security |
| 39 | + |
| 40 | +IoT devices are often connected to endpoints, to one another or to the internet, which means they are potential targets for cyberattacks. It's imperative for businesses to monitor the security of their IoT devices, including their spread, configuration, connectivity, exposure, and behavior. This initiative will provide overall visibility into the risk introduced by IoT devices in the enterprise and the resilience the organization has to mitigate it. |
| 41 | + |
| 42 | +## External Attack Surface Protection |
| 43 | + |
| 44 | +Microsoft Defender External Attack Surface Management (Defender EASM) continuously discovers and maps your digital attack surface to provide an external view of your online infrastructure. This visibility enables security and IT teams to identify unknowns, prioritize risk, eliminate threats, and extend vulnerability and exposure control beyond the firewall. Attack Surface Insights are generated by leveraging vulnerability and infrastructure data to showcase the key areas of concern for your organization. This initiative requires no license and is complementary. |
| 45 | + |
| 46 | +## Identity Security |
| 47 | + |
| 48 | +Identity security is the practice of protecting the digital identities of individuals and organizations. This includes protecting passwords, usernames, and other credentials that can be used to access sensitive data or systems. Identity security is essential for protecting against a wide range of cyber threats, including phishing, malware, and data breaches. By taking proactive steps, organizations can help to protect their digital identities and sensitive data from cyber threats. |
| 49 | + |
| 50 | +## OT Security |
| 51 | + |
| 52 | +Monitors and safeguards Operational Technology (OT) environments within the organization by employing network layer monitoring. This initiative identifies devices across physical sites, pinpoints their risks, and ensures comprehensive protection and security management of OT systems. |
| 53 | + |
| 54 | +## Ransomware Protection |
| 55 | + |
| 56 | +Ransomware attacks have become increasingly common in recent years, and they can have a devastating impact on organizations. Organizations can and should be proactive in managing a good security posture against ransomware. One of the first steps is to ensure that recommended controls are in place and are utilized and configured properly, hence reducing the risk of a successful ransomware attack making way into corporate networks and assets. |
| 57 | + |
| 58 | +## SaaS Security |
| 59 | + |
| 60 | +This initiative focuses on displaying the current state of SaaS (software as a service) security coverage, health, configuration and performance. It consists of metrics across multiple domains and disciplines to provide security managers with a high-level view into their SaaS security posture management. To make the most of this Initiative, activate application connectors for the following: Microsoft 365, Salesforce, ServiceNow, GitHub, Okta, Citrix ShareFile, DocuSign, Dropbox, Google Workspace, NetDocuments, Workplace (preview), Zendesk, Zoom (preview), Atlassian. Learn more on connectors enablement: https://aka.ms/AAs4lmg |
| 61 | + |
| 62 | +## Vulnerability Assessment |
| 63 | + |
| 64 | +This initiative serves as a central hub for security managers to continuously assess and analyze vulnerabilities and misconfigurations across the organization's digital landscape. In the Vulnerability Assessment initiative users can actively identify, prioritize, track and delegate vulnerabilities with in the IT infrastructure and the cloud. Users gain real-time visibility into the security posture of their organization, enabling data-driven decision-making for resource investment and placement. This collaborative environment ensures a holistic approach to vulnerability management, empowering stakeholders to proactively strengthen their security defenses, reduce the attack surface, and enhance overall resilience against evolving cyber threats. |
| 65 | + |
| 66 | +## Zero Trust (Foundational) |
| 67 | + |
| 68 | +Zero Trust is a security strategy that follows three principles, verify explicitly, use least privilege access, and assume breach. This initiative follows Microsoft's Zero Trust adoption framework to help you identify next steps in your Zero Trust strategy. You can learn more about the Zero Trust adoption framework here. |
| 69 | + |
| 70 | +## Next steps |
| 71 | + |
| 72 | +- [Improve security insights with exposure insights overview](exposure-insights-overview.md) |
| 73 | +- [Review security metrics](security-metrics.md) |
| 74 | +- [Explore security events](security-events.md) |
| 75 | +- [Review security recommendations](security-recommendations.md) |
0 commit comments