From unstructured data to actionable intelligence: Using machine learning for threat intelligence
Machine learning and natural language processing can automate the processing of unstructured text for insightful, actionable threat intelligence.
A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response
Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry.
The evolution of Microsoft Threat Protection—July update
Learn about the latest enhancements to Microsoft Threat Protection, the premier solution for securing the modern workplace across identities, endpoints, user data, apps, and infrastructure.
New machine learning model sifts through the good to unearth the bad in evasive malware
Most machine learning models are trained on a mix of malicious and clean features. Attackers routinely try to throw these models off balance by stuffing clean features into malware. Monotonic models are resistant against adversarial attacks because they are trained differently: they only look for malicious features.
Inside out: Get to know the advanced technologies at the core of Microsoft Defender ATP next generation protection
While Windows Defender Antivirus makes catching 5 billion threats on devices every month look easy, multiple advanced detection and prevention technologies work under the hood to make this happen. Multiple next-generation protection engines to detect and stop a wide range of threats and attacker techniques at multiple points, providing industry-best detection and blocking capabilities.
The evolution of Microsoft Threat Protection, June update
Learn about new Microsoft Threat Protection capabilities now in public preview.
Step 9. Protect your OS: top 10 actions to secure your environment
The “Top 10 actions to secure your environment” series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In “Step 9. Protect your OS,” you’ll learn how to configure Microsoft Defender Advanced Threat Protection to prevent, detect, investigate, and respond to advanced threats.
Executing on the vision of Microsoft Threat Protection
Learn about how we’re already executing on the vision of Microsoft Threat Protection—the premier solution for securing the modern workplace across identities, endpoints, user data, apps, and infrastructure.
Detecting credential theft through memory access modelling with Microsoft Defender ATP
Microsoft Defender ATP instruments memory-related function calls such as VirtualAlloc and VirtualProtect to catch in-memory attack techniques like reflective DLL loading. The same signals can also be used to generically detect malicious credential dumping activities performed by a wide range of different individual tools.
Understand and improve your security posture with Microsoft 365
Instill confidence in your board with a stronger security posture. Read our latest e-book, “Understand & Improve your security posture,” to find out how.
The evolution of Microsoft Threat Protection, April update
Learn about the latest updates to Microsoft Threat Protection and the details of its foundation built on supporting Zero Trust.
Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability
A complex attack chain incorporating the CVE-2018-20250 exploit and multiple code execution techniques attempted to run a fileless PowerShell backdoor that could allow an adversary to take full control of compromised machines.