Microsoft tools have long been top targets for threat actors, partly because of their widespread use in enterprise environments. Hundreds of millions of people use Microsoft 365 and Active Directory, and millions of organizations have deployed Exchange Server.
Threat actors also target Microsoft because of the vulnerabilities in its software. In fact, four of the most frequently exploited CVEs in 2022 were connected to Microsoft products, according to the U.S. Cybersecurity and Infrastructure Agency. The good news is that the ExtraHop Reveal(x) NDR platform detects all four of these vulnerabilities, three with the core NDR tool and the fourth with the Reveal(x) IDS module.
Reveal(x) gives security analysts unequaled visibility into enterprise networks, helping them detect and stop attacks before they result in major damage and cost millions of dollars. This visibility extends to Microsoft environments.
With Reveal(x), users receive timely detections and Threat Briefings for vulnerabilities in Microsoft products. In addition to detections of the four Microsoft vulnerabilities on CISA’s 2022 list, Reveal(x) covers BloodHound and NTLM relay attacks on Active Directory, Windows Print Spooler exploits, and many others...Read More!
