At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly (or not so covertly) penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and vulnerabilities.
Threat actors evade detection by adopting the Sliver command-and-control (C2) framework in intrusion campaigns.
Microsoft speakers at Gartner Identity & Access Management Summit focus on permissions management, infrastructure attacks, and moving to cloud-based identity.
Microsoft Defender Experts for Hunting is now generally available. The security offering provides a proactive hunting service combining expert-trained technology with human-led services to hunt for threats across Microsoft 365 data.
Maria Markstedter, CEO of Azeria Labs, shares insights on the growing interest in Arm assembly and strategies to help security professionals avoid burnout.
Former three-term Ontario Information and Privacy Commissioner Ann Cavoukian, Ph.D., talks about her seven foundational principles of privacy by design and the importance of data privacy.
A compromise recovery, in general, means that we are implementing several years of work in cybersecurity in only six weeks. It is intense, and it changes how administrators work and how systems break. The main goals are to take back control, keep that control, and add this mindset to the customer.
Technology alone is not enough to defend against cybercrime. It’s critical, but it’s the combination of leading technologies, comprehensive threat intelligence, and highly skilled people that makes for a truly effective security posture.
Our approach to threat hunting is designed to evaluate impact and escalate potential threats for investigation, based on how damaging the potential threat would be. It is also designed for speed: due to the highly time-sensitive nature of the threat response, the most dangerous potential threats are analyzed first.
CRSP is a worldwide team of cybersecurity experts operating in most countries, across all organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the first place.
A probabilistic graphical modeling framework used by Microsoft 365 Defender research and intelligence teams for threat actor tracking enables us to quickly predict the likely threat group responsible for an attack, as well as the likely next attack stages.
From the global pandemic to recent cyberattacks, our world has faced many challenges during the past 12 months. Some of these challenges we can’t change. However, I’m pleased about the ones we can, and are changing across the cybersecurity landscape.
