Expanded Microsoft Security Experts offerings provide comprehensive protection
Read about the latest updates to our Microsoft Security Experts product offerings.
Microsoft Defender Experts for XDR helps triage, investigate, and respond to cyberthreats
Take a closer look at how Microsoft Defender Experts for XDR works, and how it complements the power of the Microsoft 365 Defender suite.
Meet unprecedented security challenges by leveraging MXDR services
Microsoft is excited to announce the general availability of Microsoft Defender Experts for XDR, a first-party MXDR offering that gives security teams air cover with end-to-end protection and expertise.
Solving one of NOBELIUM’s most novel attacks: Cyberattack Series
This is the first in an ongoing series exploring some of the most notable cases of the Microsoft Detection and Response Team (DART), which investigates cyberattacks on behalf of our customers. The Cyberattack Series takes you behind the scenes for an inside look at the investigation and share lessons that you can apply to better protect your own organization. In this story, we’ll explore how NOBELIUM continues to target identity providers with novel attacks—and how Microsoft DART identified one of NOBELIUM‘s most creative exploits yet.
Token tactics: How to prevent, detect, and respond to cloud token theft
As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose.
Microsoft Security tips for mitigating risk in mergers and acquisitions
Mergers and acquisitions can be challenging. Microsoft’s Security Experts share what to ask before, during, and after one to secure identity, access control, and communications.
How to prevent lateral movement attacks using Microsoft 365 Defender
Learn how Microsoft 365 Defender can enhance mitigations against lateral movement paths in your environment, stopping attackers from gaining access to privileged and sensitive accounts.
The art and science behind Microsoft threat hunting: Part 2
In this follow-up post in our series about threat hunting, we talk about some general hunting strategies, frameworks, tools, and how Microsoft incident responders work with threat intelligence.
Implementing a Zero Trust strategy after compromise recovery
After a compromise recovery follows what we call a Security Strategic Recovery. This is the plan for moving forward to get up to date with security posture all over the environment. The plan consists of different components like securing privileged access and extended detection and response, but it all points in the same direction: moving ahead with Zero Trust Strategy over traditional network-based security.
The art and science behind Microsoft threat hunting: Part 1
At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly (or not so covertly) penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and vulnerabilities.