Over the past decade, more and more companies have switched to Microsoft environments 365 and Microsoft Azure to better manage their resources This change has also increased the number of attacks targeting these popular platforms
In light of these changes, la Cybersecurity & U.S. Infrastructure Security Agency released a free tool to detect malicious activity in M365 or Azure environments Incident responders and security administrators are expected to be able to use the tool to detect early intrusions and prepare with the right set of countermeasures.
CISA's free tool, Homeland Security, is called Sparrowps1, and CISA's Cloud Forensics team contributed significantly to its development. The tool's official GitHub page states that it should not be viewed as a complete replacement for intrusion detection systems
Instead of that, CISA designed the tool to narrow down the possibilities that may have caused the malicious entry in the first place According to an official description, Sparrowps1 will install the necessary PowerShell modules on the system It will keep an eye on specific indicators to predict if the system is under attack or if there are malicious elements present in the file system
Unlike other detection utilities available for Azure and Microsoft 365, Sparrowsp1 is completely free and is available in the global public domain This means that the tool will receive further updates from the public domain developer community in the near future..
CISA Says Its Cloud Forensics Team Has Analyzed A Large Number Of Recent Attacks On The Azure Platform / M3365 to understand common factors, which can then be used by Sparrowsp1 to detect an upcoming attack before the team sees any apparent problems
This announcement comes as Microsoft increases the level of protection offered on Azure and Microsoft platforms 365 In the related news, the company introduced a feature that alerts administrators if an incident is detected
However, what makes Sparrowps1 a compelling choice, is that the Department of Homeland Security always has more data at its disposal than Microsoft, which means it might also do a better job of detecting threats.
Microsoft Corporation, Office 365, Vulnerability, IT security, Microsoft Azure
News – GB – USA launches free Sparrowps1 vulnerability detection tool
Associated title :
– USA launches free vulnerability detection utility, Sparrowps1, for microsoft 365 and more
– Homeland Security& # 39; s CISA Releases Sparrow Exploitation and Vulnerability Detection Tool for Microsoft Networks 365