TheWindowsClub News

TheWindowsClub Tech News covers the latest Microsoft Windows 10 news, along with other products & services like Office, etc.

USA launches free vulnerability detection utility, Sparrow.ps1, for Microsoft 365 and more

In the past decade, more organizations have transitioned into Microsoft 365 and Microsoft Azure environments to better manage their resources. This change has also increased the number of attacks targeting these popular platforms.

Microsoft 365

USA ups Microsoft 365 security

In light of these changes, the Cybersecurity & Infrastructure Security Agency of the United States has released a free-to-use tool that would detect malicious activities in the M365 or Azure environments. It is expected that incident responders and security administrators can use the tool to detect intrusions at the earliest and prepare with the right set of countermeasures.

The free tool from CISA, Homeland Security, is called Sparrow.ps1, and the Cloud Forensics team of the CISA has contributed a lot to its development. The official GitHub page of the tool indicates that it should not be considered a complete replacement to intrusion detection systems.

Instead, CISA has built the tool to narrow down the possibilities that may have caused the malicious entry in the first place. According to an official description, Sparrow.ps1 will install the necessary PowerShell modules on the system. It will keep an eye on specific indicators to predict whether the system is under attack or any malicious elements are present within the file system.

Unlike the other detection utilities available for Azure and Microsoft 365, Sparrow.sp1 is completely free to use and is available in the worldwide public domain. It means the tool would receive further updates from the public domain developers’ community in the near future.

CISA says that its Cloud Forensics team has analyzed a huge number of recent attacks to the Azure/M3365 platform to understand the common factors, which can then be used by Sparrow.sp1 to detect an upcoming attack before the team sees the apparent issues.

This announcement comes when Microsoft increases the level of protection offered in the Azure and Microsoft 365 platforms. In related news, the company introduced a feature that alerts administrators if an incident is detected.

However, what makes Sparrow.ps1 is a compelling choice is that the Department of Homeland Security always has more data at its disposal than Microsoft has, meaning that it could do a better job of threat detection as well.

Published on Tags:

TanmayPatange@TWCN

Tanmay loves writing about Technology, Internet, Apps, Social Media, and Cybersecurity. He also tracks OTT video content streaming space and likes to spend his weekends watching plays. You can contact him on Twitter @techtsp.

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap