As the MS documentation says:
Microsoft Defender External Attack Surface Management (Defender EASM) continuously discovers and maps your digital attack surface to provide an external view of your online infrastructure.
Basically you plug in your resources like:
- Domains
- Hostnames
- Web Pages
- IP Blocks
- IP Addresses
- ASNs
- SSL Certificates
- WHOIS Contacts
Defender EASM will then use these as a ‘seed’ to search through public information and report back.
You’ll then discover not only if you have any vulnerabilities in things like routers, web sites, etc., but you’ll also probably find a whole swag of information that you didn’t know was out there.
In short, Defender EASM acts as kind of a scheduled ‘penetration test’ for your environment, which I think is super handy.
As you can see above, it ain’t very expensive either! To me that makes it a no-brainer. In my environment I have 40-odd discovered assets, making the cost 64 cents a day and just over $19 per month! Peanuts for what it provides. Best of all, you also get a free 30 day trial to see what it is all about.
Like Microsoft Sentinel back in the day, it is still early days for this service and I expect it to improve rapidly, so now is the time to jump on board and start using it to get a feel for what it is all about. I certainly have, and I encourage you to do the same.
Microsoft has documentation here:
if you want to read more.