You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: exposure-management/whats-new.md
+23Lines changed: 23 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -32,6 +32,29 @@ We are excited to announce the general availability of Microsoft Security Exposu
32
32
33
33
With this GA release, you can now build and enhance a Continuous Threat Exposure Management (CTEM) program, continuously identifying, prioritizing, and mitigating risks across your digital landscape.
34
34
35
+
### Attack path enhancements
36
+
37
+
##### **Hybrid attack paths: On-Prem to Cloud**
38
+
39
+
We now support the discovery and visualization of hybrid attack paths that originate from on-premises environments and traverse into cloud infrastructures. We have introduced a new **Type column** for the attack paths to display the support for hybrid paths that transition between
40
+
on-premises and cloud environments, or vice versa. This feature equips security teams to:
41
+
42
+
-**Identify cross-environment attack vectors:** See how vulnerabilities in on-prem environments can be leveraged to target assets in the cloud.
43
+
-**Prioritize remediation effectively:** Gain clarity on the potential risks to critical cloud assets stemming from your hybrid infrastructure.
44
+
-**Enhance hybrid defense strategies:** Use these insights to strengthen both on-prem and cloud security postures.
45
+
46
+
This capability bridges a critical gap in securing hybrid environments by offering end-to-end visibility into interconnected attack paths.
47
+
48
+
##### **DACL-based path analysis**
49
+
50
+
Our attack path calculations now include support for **Discretionary Access Control Lists (DACLs)**, providing a more accurate representation of potential attack paths by incorporating group-based permissions. This enhancement enables defenders to:
51
+
52
+
- Make more informed decisions when addressing risks related to permission structures.
53
+
- View risks in the environment the same way attackers do
54
+
- Identify low hanging fruit chokepoints that significantly expose the environment to risk
55
+
56
+
For more information, see, [Review attack paths](review-attack-paths.md)
57
+
35
58
### External data connectors
36
59
37
60
We have introduced new external data connectors to enhance data integration capabilities, allowing seamless ingestion of security data from other security vendors. Data collected through these connectors is normalized within our exposure graph, enhancing your device inventory, mapping relationships, and revealing new attack paths for comprehensive attack surface visibility. These connectors help you to consolidate security posture data from various sources, providing a comprehensive view of your security posture.
0 commit comments