Check out these top stories for the latest news of the week for Microsoft partners in the Americas.
Partner Audience: AllPartners
Relevant to: #SuccessStory #GrowYourBiz #Azure #Security
In a world where cyber threats are constantly maturing and evolving, no one provider can do it all. That’s why Bulletproof has partnered with another Microsoft Intelligent Security Association (MISA) member, Senserva, to further develop our Microsoft Managed Extended Detection and Response (MXDR) services with an advanced automation technology called Drift Detector.
As technology evolves, our solutions must be optimized to meet the ever-changing needs of our customers. Through our Drift Detector technology, we’ll reduce the time it takes to detect changes in configuration that might impact our client’s security posture.
Elevating our MXDR solution through automation with Drift Detector
Security technology is no longer something that evolves every few years; it’s evolving in real time. For some customers, this can cause a deviation or, as we call it, a “drift” from the established best practice-based configuration, which can leave a gap and cause a security risk.
With the Drift Detector solution, we can detect deviations from the best practice configuration within minutes.
The Drift Detector solution is available to our Bulletproof 365 Enterprise (B365E) customers. Best practice security configurations are used; however, the customer can make updates and changes to their tenant. If the security configuration is changed after the onboarding, the drift detection technology will provide that visibility. It will periodically scan the tenant for changes and drifts from the previous B365E configurations. Scans don’t have to be manually initiated; the solution will do this automatically. This strengthens the posture and confidence of a customer’s B365E settings and speeds up detection and response time if a drift from the Gold Standard occurs.
Here’s how it works
The control hub for the solution, which will constantly scan for drifts, is an Azure-hosted, .NET web service. There is also a Gold Standard based on best practices for each security solution in the stack; the solution will compare customer settings to this Gold Standard. Deviations will be reported and the Security Operations Center (SOC) team at Bulletproof will immediately triage drifts to proactively fix drift-related security incidents within minutes.
Information about the Gold Standard settings and deviations will be stored within a geo-redundant Azure SQL Server secured with the latest Microsoft Entra ID authentication. The solution will update the database with any drifts detected, which are then cleared at the next scan. This allows the Bulletproof SOC team to act with the latest and most up-to-date information possible. The only scan information from a customer environment that will be stored is that which deviates from the accepted Bulletproof Gold Standard. This solution scans and compares security configurations on Microsoft Sentinel, Intune, Entra, and Defender.
Putting Drift Detector to the test with our Microsoft customers
Bulletproof worked with a municipality that was hit by a serious ransomware attack. After reviewing their security environment and pain points, we knew the best solution for the customer. Bulletproof 365 Enterprise (B365E), the end-to-end enterprise security solution built on Microsoft 365 and Microsoft Sentinel, was key to restoring services quickly for the city.
As a customer of B365E, the municipality was eligible for Drift Detector. They’ve been onboarded to further improve the security posture for the city. If a drift in Gold Standard configurations is automatically detected, Bulletproof will create a ticket that will be managed by the SOC team.
Learn how Bulletproof empowers organizations with enterprise-class security and productivity solutions.
Join the conversation
Want to explore this and other topics you care about with Microsoft and other US partners? Head over to the Microsoft Americas Partner Community on LinkedIn.