DART was called into an engagement where the adversary had a foothold within the on-premises network, which had been gained through compromising cloud credentials. Luckily, this customer had deployed Azure ATP prior to the incident and it had already normalized authentication and identity transactions within the customer network.
As part of Microsoft’s Detection and Response Team (DART) Incident Response engagements, we regularly get asked by customers about “paying the ransom” following a ransomware attack.
Spear phishing campaigns can be highly effective—but they aren’t foolproof. If you understand how they work, you can put measures in place to reduce their power.
We’ve been working with partners to design what we call Secured-core PCs, devices that meet a specific set of device requirements that apply the security best practices of isolation and minimal trust to the firmware layer.
DMARC security protocol helps you take control of who can send email messages on your behalf, eliminating the ability for cybercriminals to use your domain to send their illegitimate messages.
Our goal has remained the same since we first launched Microsoft Azure Sentinel in February: empower security operations teams to help enhance the security posture of our customers. Today, we take the next step in that journey by making Azure Sentinel generally available.
Are today’s students getting the preparation they need to do the cybersecurity work of tomorrow? Read the findings from the U.S. Department of Energy (DOE) CyberForce Competition.
Announcing a new identity threat investigation experience.
As detection capabilities advance, attackers are using new and stealthier techniques to stay undetected and persist with their motives. Azure Security Center, Microsoft’s cloud-based cyber solution helps customers safeguard their cloud workloads as well as protect them from these threats.
Learn about the latest updates to Microsoft Threat Protection and the details of its foundation built on supporting Zero Trust.
