Forescout announced integrations with Microsoft Sentinel as part of a broader initiative to support the Microsoft Security portfolio. These integrations will deliver real-time visibility, threat management, and incident response across the extended enterprise: campus, datacenter, remote workers, cloud, mobile, IoT, OT and IoMT endpoints. The continued rise in severity, sophistication, and number of cyberattacks has shown that many organizations' current disparate cybersecurity frameworks and tools are insufficient.

Understaffed security operations centers (SOCs), a proliferation of unmanaged devices, and newly discovered and exploitable vulnerabilities on legacy systems compound and exacerbate the risk and likelihood of a breach. sophisticated adversaries are targeting increasingly complex, heterogenous compute environments while security teams are inundated by false positives, and threats that get missed, aren't properly prioritized, or aren't responded to appropriately. Forescout helps enterprises continuously identify and classify every connected asset type - IT, OT, IoT and IoMT, managed, unmanaged or un-agentable - and enable the automated enforcement of appropriate security and compliance measures to reduce risk.

Microsoft's Sentinel platform adds a crucial layer of automated intelligence by delivering an impactful and automated way to drastically improve the signal to noise ratio security teams are grappling with daily. Forescout's new comprehensive integration with Microsoft Sentinel along with long standing touch points to Microsoft's broad Enterprise suite of solutions provides joint customers with real-time device context, risk insights, and automated mitigation and remediation capabilities that will improve overall security response times to incidents and events. This enables customers to remove complexity from the incident response process by leveraging Forescout's automation and AI to quickly make contextual decisions to improve security or mitigate a cyber-incident.

The benefits of the Forescout integration with Microsoft include: Faster mean time to respond (MTTR): Enables orchestration of host-based remediation through Microsoft Defender, via integrations with Microsoft Sentinel along with network-based response via Forescout, to accelerate mean-time-to-respond for the SOC. Comprehensive, real-time asset discovery and inventory: Provides a holistic 360-degree view of their enterprise environment. This includes valuable device context such as logical and physical network location, risk exposure, device identity, and taxonomy.

Asset Lifecycle Management: Automatically assess posture and enforce compliance, identify known vulnerabilities and indicators of compromise, quarantine at-risk devices, remediate problems, and allow endpoints back onto the network with appropriate network segmentation policies, all enforced from a single platform. An ideal set of capabilities to supplement "comply to connect" initiatives with a proven ability to never lose asset context at any stage of the process. Attack Surface and Automated Threat Management: Real-time risk assessment and remediation of endpoint posture to harden devices, segmentation policies to enforce least-privilege network connectivity, automated detection and quarantine controls that together enable a true Zero Trust architecture.