The continued rise in severity, sophistication, and number of cyberattacks has shown that many organizations’ current disparate cybersecurity frameworks and tools are insufficient. Understaffed security operations centers (SOCs), a proliferation of unmanaged devices, and newly discovered and exploitable vulnerabilities on legacy systems compound and exacerbate the risk and likelihood of a breach. Sophisticated adversaries are targeting increasingly complex, heterogenous compute environments while security teams are inundated by false positives, and threats that get missed, aren’t properly prioritized, or aren’t responded to appropriately.
Forescout helps enterprises continuously identify and classify every connected asset type – IT, OT, IoT and IoMT, managed, unmanaged or un-agentable – and enable the automated enforcement of appropriate security and compliance measures to reduce risk.
"We’re proud to join the Microsoft Intelligent Security Association (MISA) through our integration with Microsoft Sentinel, to provide customers with a comprehensive and holistic approach to cybersecurity,” said Barry Mainz, CEO of Forescout. “With this integration, Forescout helps security teams more deeply understand the risks within their network, helps mitigate cyber-attacks, and most crucially, helps them respond rapidly and accurately if one does occur."
Microsoft’s Sentinel platform adds a crucial layer of automated intelligence by delivering an impactful and automated way to drastically improve the signal to noise ratio security teams are grappling with daily.
Forescout’s new comprehensive integration with Microsoft Sentinel along with long standing touch points to Microsoft’s broad Enterprise suite of solutions provides joint customers with real-time device context, risk insights, and automated mitigation and remediation capabilities that will improve overall security response times to incidents and events. This enables customers to remove complexity from the incident response process by leveraging Forescout’s automation and AI to quickly make contextual decisions to improve security or mitigate a cyber-incident.
The benefits of the Forescout integration with Microsoft include:
- Faster mean time to respond (MTTR): Enables orchestration of host-based remediation through Microsoft Defender, via integrations with Microsoft Sentinel along with network-based response via Forescout, to accelerate mean-time-to-respond for the SOC.
- Comprehensive, real-time asset discovery and inventory: Provides a holistic 360-degree view of their enterprise environment. This includes valuable device context such as logical and physical network location, risk exposure, device identity, and taxonomy.
- Asset Lifecycle Management: Automatically assess posture and enforce compliance, identify known vulnerabilities and indicators of compromise, quarantine at-risk devices, remediate problems, and allow endpoints back onto the network with appropriate network segmentation policies, all enforced from a single platform. An ideal set of capabilities to supplement “comply to connect” initiatives with a proven ability to never lose asset context at any stage of the process.
- Attack Surface and Automated Threat Management: Real-time risk assessment and remediation of endpoint posture to harden devices, segmentation policies to enforce least-privilege network connectivity, automated detection and quarantine controls that together enable a true Zero Trust architecture.
“Microsoft Sentinel brings together data, intelligent analytics, and workflows to unify and accelerate threat detection and response across the enterprise. With Microsoft Sentinel Content hub customers gain access to robust built-in and partner published content and solutions with the click of a button. We are thrilled to collaborate with partners like Forescout, to develop valuable and innovative content for our users,” said Rob Lefferts, Corporate Vice President, Modern Protection and SOC.
Forescout solutions that integrate with Microsoft Sentinel are available now. For more information about the collaboration, click here.
About Forescout
Forescout Technologies, Inc., a global cybersecurity leader, continuously identifies, protects and helps ensure the compliance of all managed and unmanaged connected cyber assets – IT, IoT, IoMT and OT. For more than 20 years, Fortune 100 organizations and government agencies have trusted Forescout to provide vendor-agnostic, automated cybersecurity at scale. The Forescout® Platform delivers comprehensive capabilities for network security, risk and exposure management, and extended detection and response. With seamless context sharing and workflow orchestration via ecosystem partners, it enables customers to more effectively manage cyber risk and mitigate threats. www.forescout.com