You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: exposure-management/initiatives-list.md
+14-2Lines changed: 14 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,12 +1,12 @@
1
1
---
2
2
title: Security initiatives in Microsoft Security Exposure Management
3
-
description: List of security Initiatives in Microsoft Security Exposure Management.
3
+
description: Catalog of security Initiatives in Microsoft Security Exposure Management.
4
4
ms.author: dlanger
5
5
author: dlanger
6
6
manager: rayne-wiselman
7
7
ms.topic: reference
8
8
ms.service: exposure-management
9
-
ms.date: 11/06/2024
9
+
ms.date: 11/12/2024
10
10
---
11
11
12
12
# Security Initiatives
@@ -29,6 +29,8 @@ This initiative aims to reflect the status around cloud security coverage, ROI,
29
29
30
30
Critical asset protection refers to the strategies, processes, and technologies implemented to safeguard an organization's most valuable and important assets from various threats and risks. It involves identifying, prioritizing, and applying targeted security measures to ensure the resilience and integrity of these critical assets.
31
31
32
+
[Learn more here.](https://aka.ms/xspm/cspm)
33
+
32
34
## Endpoint Security
33
35
34
36
Monitor the coverage and configuration of physical and virtual workstations, servers, and mobile phones.
@@ -41,10 +43,16 @@ IoT devices are often connected to endpoints, to one another or to the internet,
41
43
42
44
Microsoft Defender External Attack Surface Management (Defender EASM) continuously discovers and maps your digital attack surface to provide an external view of your online infrastructure. This visibility enables security and IT teams to identify unknowns, prioritize risk, eliminate threats, and extend vulnerability and exposure control beyond the firewall. Attack Surface Insights are generated by leveraging vulnerability and infrastructure data to showcase the key areas of concern for your organization. This initiative requires no license and is complementary.
43
45
46
+
[Learn more here.](https://aka.ms/xspm/EasmLearnMore)
47
+
44
48
## Identity Security
45
49
46
50
Identity security is the practice of protecting the digital identities of individuals and organizations. This includes protecting passwords, usernames, and other credentials that can be used to access sensitive data or systems. Identity security is essential for protecting against a wide range of cyber threats, including phishing, malware, and data breaches. By taking proactive steps, organizations can help to protect their digital identities and sensitive data from cyber threats.
47
51
52
+
## OT Security
53
+
54
+
Monitors and safeguards Operational Technology (OT) environments within the organization by employing network layer monitoring. This initiative identifies devices across physical sites, pinpoints their risks, and ensures comprehensive protection and security management of OT systems.
55
+
48
56
## Ransomware Protection
49
57
50
58
Ransomware attacks have become increasingly common in recent years, and they can have a devastating impact on organizations. Organizations can and should be proactive in managing a good security posture against ransomware. One of the first steps is to ensure that recommended controls are in place and are utilized and configured properly, hence reducing the risk of a successful ransomware attack making way into corporate networks and assets.
@@ -53,6 +61,8 @@ Ransomware attacks have become increasingly common in recent years, and they can
53
61
54
62
This initiative focuses on displaying the current state of SaaS (software as a service) security coverage, health, configuration, and performance. It consists of metrics across multiple domains and disciplines to provide security managers with a high-level view into their SaaS security posture management. To make the most of this Initiative, activate application connectors for the following: Microsoft 365, Salesforce, ServiceNow, GitHub, Okta, Citrix ShareFile, DocuSign, Dropbox, Google Workspace, NetDocuments, Workplace (preview), Zendesk, Zoom (preview), Atlassian. Learn more on connectors enablement: [https://aka.ms/AAs4lmg](https://aka.ms/AAs4lmg)
55
63
64
+
[Learn more here.](/defender-cloud-apps/saas-security-initiative)
65
+
56
66
## Vulnerability Assessment
57
67
58
68
This initiative serves as a central hub for security managers to continuously assess and analyze vulnerabilities and misconfigurations across the organization's digital landscape. In the Vulnerability Assessment initiative users can actively identify, prioritize, track, and delegate vulnerabilities with in the IT infrastructure and the cloud. Users gain real-time visibility into the security posture of their organization, enabling data-driven decision-making for resource investment and placement. This collaborative environment ensures a holistic approach to vulnerability management, empowering stakeholders to proactively strengthen their security defenses, reduce the attack surface, and enhance overall resilience against evolving cyber threats.
@@ -61,6 +71,8 @@ This initiative serves as a central hub for security managers to continuously as
61
71
62
72
Zero Trust is a security strategy that follows three principles, verify explicitly, use least privilege access, and assume breach. This initiative follows Microsoft's Zero Trust adoption framework to help you identify next steps in your Zero Trust strategy. You can learn more about the Zero Trust adoption framework here.
63
73
74
+
[Learn more here.](https://aka.ms/xspm/zeroTrustLearnMore)
0 commit comments