XM Cyber Now Integrated with Microsoft Defender Advanced Threat Protection (ATP)
Attack Simulation Gives Essential Context to Microsoft Defender ATP Customers
HERZLIYA, Israel, July 13, 2020 — XM Cyber, the multi-award-winning leader in breach and attack simulation (BAS), advanced cyber risk analytics and cloud security posture management, today announced its integration with Microsoft Defender Advanced Threat Protection (ATP). The integration gives customers detailed information on potential attack paths that might result from a compromised system.
XM Cyber supports the investigative process initiated by a customer once a breach is detected. Once suspicious activity is discovered with Microsoft Defender ATP, the XM Cyber Platform explores and identifies the potential impact. By clearly identifying critical assets, the platform assists customers in fully understanding the overall risk and exactly what steps are required for remediation.
“Microsoft Defender ATP devices are enriched with additional context from XM Cyber that enables you to understand how from that breach the adversary might have moved laterally, reached other systems, or compromised critical assets,” says Boaz Gorodissky, Co-Founder and CTO of XM Cyber. “The additional context uncovers the full extent of the issue allowing for better threat hunting and incident response activities.”
XM Cyber is advancing the security industry with patented products that enable enterprises to automatically and continuously test their security posture. By safely simulating attacks 24/7, XM Cyber exposes real-life security issues that arise from vulnerabilities, human error and misconfigurations. Additionally, recommendations to remediate issues are provided and prioritized based on importance and relation to the customer’s most critical assets. By helping businesses to constantly improve their security posture, XM Cyber reduces costs and allows security teams to focus on the most critical issues, all while lowering exposure and risk.
The XM Cyber Platform also helps users of Microsoft Defender ATP to identify and tag their most critical assets. With this additional information, customers have a clear understanding of risk associated with alerts coming from Microsoft Defender ATP. Combining efforts with threat and vulnerability management, the machine tagging is used to incorporate the risk appetite of an individual asset into the exposure score calculation. Therefore, machines marked as “high value” will receive more weight in the exposure score calculation.
“The rich, contextual information XM Cyber adds to the process of remediation prioritization indicates to customers whether or not they need to investigate deeper or give higher attention and priority when it comes to reducing risk,” says Tomer Teller, principal security program manager, Microsoft 365 Security. “The combined capability improves visibility and lowers risk as more CISOs focus on applying security resources against their most critical assets.”
XM Cyber acts as a virtual hacker showing all possible attack paths. Microsoft Defender ATP devices are enriched with this additional information, giving the customer a greater understanding of risk and exposure level, as well as recommended remediation.
“For example, Microsoft Defender ATP identifies a device with a high-risk level due to suspected credential dumping. With XM Cyber, the customer continuously runs attack simulations to understand immediately if and how a hacker can move from that user device to a critical asset such as a device in the PCI segment,” says Gorodissky. “We show customers what would happen if an attacker breached one of their devices.”
XM Cyber has received several industry awards recognizing the innovation and effectiveness of its solutions, including being recognized as a Gartner “2020 Cool Vendor,” a World Economic Forum “Technology Pioneer,” and a SINET16 winner. XM Cyber’s customers include leading financial institutions and critical infrastructure organizations across North America, Europe, Israel and Australia. The company currently has customers across the US, Europe and Asia with a growing presence in Latin America.
About XM Cyber
XM Cyber brings innovation to the security industry with patented products that address the unique gaps that arise in large, complex networks. By safely and continuously simulating attacks on premise and in the cloud, XM Cyber exposes real-life security issues that arise from vulnerabilities, human error and misconfigurations. Remediation recommendations are prioritized based on criticality and relation to the customer’s most critical assets. The customer achieves a continual cycle of security posture improvement, optimizing security investments and human resources, and lowering exposure and risk. XM Cyber was founded by top executives from the Israeli cyber intelligence community and has offices in the US, UK, and Israel.