CISO Series: Lessons learned from the Microsoft SOC—Part 1: Organization
In the first of our three part series, we provide tips on how to manage a security operations center (SOC) to be more responsive, effective, and collaborative.
In the first of our three part series, we provide tips on how to manage a security operations center (SOC) to be more responsive, effective, and collaborative.
Learn about the latest enhancements to Microsoft Threat Protection, the premier solution for securing the modern workplace across identities, endpoints, user data, apps, and infrastructure.
Microsoft Defender ATP, Microsoft’s endpoint protection platform, addresses this challenge by integrating with Azure Information Protection, Microsoft’s data classification, labeling, and protection solution.
The “Top 10 actions to secure your environment” series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In today’s installment, “Step 3. Protect your identities,” you’ll learn how to define security policies to protect individual user identities against account compromise and protect your administrative accounts.
Learn about the top feature updates for Microsoft Threat Protection in January.
In MITRE’s evaluation of endpoint detection and response solutions, Windows Defender Advanced Threat Protection demonstrated industry-leading optics and detection capabilities. The breadth of telemetry, the strength of threat intelligence, and the advanced, automatic detection through machine learning, heuristics, and behavior monitoring delivered comprehensive coverage of attacker techniques across the entire attack chain.
Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign.
Several weeks ago, the Windows Defender Advanced Threat Protection (Windows Defender ATP) team uncovered a new cyberattack that targeted several high-profile organizations in the energy and food and beverage sectors in Asia.
We added new capabilities to each of the pillars of Windows Defender ATP’s unified endpoint protection platform: improved attack surface reduction, better-than-ever next-gen protection, more powerful post-breach detection and response, enhanced automation capabilities, more security insights, and expanded threat hunting.
In my last blog, we looked at five communication techniques that can help engage business managers in the work of cybersecurity. This week, we’ll look at how to use those techniques to bring the C-Suite into the conversation.
In this post we address the question: “How do we make data gravity a reality in the security operations center (SOC) while we are under increased and constant pressure from motivated threat actors?
Removing the need for files is the next progression of attacker techniques. While fileless techniques used to be employed almost exclusively in sophisticated cyberattacks, they are now becoming widespread in common malware, too.