Empower your analysts to reduce burnout in your security operations center
Strategic use of automation and metrics can help you create a continuous learning culture that keeps your team engaged in the work.
Making Azure Sentinel work for you
A new white paper outlines best practice recommendations for configuring data sources for incident response and proactively hunting for threats using Azure Sentinel.
Lessons learned from the Microsoft SOC—Part 3d: Zen and the art of threat hunting
This blog provides lessons learned on how Microsoft hunts for threats in our IT environment and how you can apply these lessons to building or improving your threat hunting program. This is the seventh in a series.
Feeling fatigued? Cloud-based SIEM relieves security team burnout
Most CISOs and CSOs are worried that a growing volume of alerts is causing burnout among their teams, according to new research from IDG.
Modernizing the security operations center to better secure a remote workforce
The modern SOC will use machine learning to help humans protect organizations in a multi-cloud, IoT world.
Open-sourcing new COVID-19 threat intelligence
While the world faces the common threat of COVID-19, defenders are working overtime to protect users all over the globe from cyber-criminals using COVID-19 as a lure to mount attacks.
Threat hunting: Part 1—Why your SOC needs a proactive hunting team
A threat hunting team can help you defend against stealth attackers.
Free import of AWS CloudTrail logs through June 2020 and other exciting Azure Sentinel updates
Learn how Azure Sentinel helps SecOps to improve security across hybrid environments with free import of AWS CloudTrail logs through June 2020 and other product updates.
Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals
Azure Sentinel Fusion technology uses powerful machine learning methods to enable your SecOps team to focus on the threats that matter.
Microsoft Threat Protection stops attack sprawl and auto-heals enterprise assets with built-in intelligence and automation
Threat protection that changes our approach to attacks requires built-in intelligence that can understand how an attack got in, prevent its spread across domains, and automatically heal compromised assets.