top of page

Microsoft Critical Asset Protection

Updated: Jul 23

Critical assets are IT resources essential to business, including data, applications and endpoint devices. Infrastructure that gives access to these assets may also fall under this definition. Threat actors are constantly searching for vulnerabilities they can exploit in order to gain entry to your critical assets or exploit your infrastructure as part of an attack strategy; to better safeguard against such attacks you need full visibility over all assets within your environment.

Microsoft Critical Asset Protection allows you to utilize predefined or custom criticality rules to tag assets in your managed environment, then utilize these tags for scenarios like risk prioritization and attack path analysis to help protect the most precious of your assets.

Microsoft utilizes telemetry from both managed and unmanaged devices within your organization to identify critical assets. This telemetry includes information such as device domain membership, user logins, and various network signals; combined together this helps determine whether an asset truly deserves to be marked as critical. For example, we implement a procedure to evaluate whether Windows servers serve as management domains for Active Directory services - this procedure implements different logics to recognize whether they offer AD functionality while also comparing that information against device telemetry collected about them.

Security Posture Manager offers predefined critical asset classifications, but you can also customize criticality rules yourself. To create one, navigate to the Critical asset management page and select Add a critical asset rule; create your name and description before adding one or more boolean filters that define device, identity or cloud resource resources as devices or identities and set a criticality level accordingly.

Once a rule has been created, it will appear on the Critical asset management page in Security Posture Manager. To view assets that meet its criteria for that rule, select View assets with this criticality rule.

Start identifying critical assets with Security Posture Manager by activating its Critical Asset Detection Policy via Manage Critical Assets in Security Posture Manager on the Settings Menu, or uncheck it altogether to disable critical asset detection in Security Posture Manager.

0 views0 comments

Comentarios


bottom of page