Zimperium integrates with Microsoft Defender Advanced Threat Protection EDR
Microsoft Defender ATP customers now have access to:
- Advanced threat forensics – Microsoft Defender ATP now has threat forensics including attacker IP/MAC, WiFi network details, malicious processes and apps, and reasons for device compromise or jailbreak;
- Real-time device status – The integrated solution automatically delivers an update of threat status in Microsoft Defender ATP as threats are resolved on mobile devices. This new functionality provides a real-time view of active threats and the current risk posture of each mobile device within the Microsoft Defender Security Center;
- Threat hunting – Security professionals can now hunt for mobile threats by user or device within Microsoft Defender ATP (e.g., show me a list of threats affecting my CFO or all of my C-suite executives); and
- Comprehensive endpoint visibility – In addition to having insight into the security posture of users or devices, administrators of Zimperium’s Mobile Threat Data can – for the first time – get a complete view of the security posture of all of the endpoints (laptop, desktop, tablet, phone) the employee uses in their day-to-day work as they access corporate resources.
Combined with Zimperium’s integration with Microsoft Endpoint Manager (formerly Microsoft Intune) mobile device management (MDM) and mobile app management (MAM) solution for bring your own device (BYOD) policies, the solution can be configured to automatically enforce Conditional Access to contain the detected threat.
According to Gartner analysts Dionisio Zumerle and Rob Smith’s “Market Guide for Mobile Threat Defense” report (published 14 November 2019), “Without support for mobile devices, there is a gap left in endpoint visibility that vendors are actively working to close.”
“For many businesses and government agencies around the world, mobile device threats are typically managed/researched/resolved in a separate mobile device console from traditional endpoints,” said Brian Peck, vice president of product management for Zimperium.
“This means an administrator is using multiple consoles when it comes to cybersecurity, which is an extremely inefficient and ineffective security process,” Peck said. “Maybe more importantly it increases risk significantly as mobile devices are not included in the overall threat analysis.”
The Zimperium MTD integration with Microsoft Defender ATP will provide customers with a single-pane-of-glass view within Microsoft Defender Security Center for viewing, hunting and taking action on mobile threats in the same console they currently use for managing threats from traditional endpoints like laptops and desktops running Windows, Mac and Linux.