{"id":84703,"date":"2018-08-13T09:00:57","date_gmt":"2018-08-13T16:00:57","guid":{"rendered":"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/?p=84703"},"modified":"2023-05-15T23:00:13","modified_gmt":"2023-05-16T06:00:13","slug":"cybersecurity-threats-how-to-discover-remediate-and-mitigate","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/","title":{"rendered":"Cybersecurity threats: How to discover, remediate, and mitigate"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-large wp-image-85798\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/uploads\/2018\/10\/Security-Deployment-image-981x1024.png\" alt=\"Image taken at the Microsoft Ignite Conference.\" width=\"981\" height=\"1024\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-image-981x1024.png 981w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-image-288x300.png 288w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-image-768x801.png 768w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-image.png 1500w\" sizes=\"(max-width: 981px) 100vw, 981px\" \/><\/p>\n<p><em>This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series you\u2019ll find context, answers, and guidance for deployment and driving adoption within your organization. Here is the second installment of an 8 part series on deploying intelligent security scenarios. Check out our last blog, <strong><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/08\/02\/protect-your-data-in-files-apps-and-devices\/\" rel=\"noopener\">Protect your data in files, apps, and devices<\/a><\/strong><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/08\/02\/protect-your-data-in-files-apps-and-devices\/\" rel=\"noopener\"><\/a>.<\/em><\/p>\n<p>Constantly evolving threats to your company data can cause even the most conscientious employee to unknowingly open infected files or click on malicious web links. Security breaches are inevitable. You need to discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches.<\/p>\n<p>Many common types of threats target attack vectors such as email, network endpoints, and user credentials. In this blog, we explain how Microsoft 365 threat protection solutions interoperate threat detection across these attack vectors (Figure 1).<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-84718\" src=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/uploads\/2018\/08\/Cybersecurity-threats-1.png\" alt=\"\" width=\"713\" height=\"317\" srcset=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/Cybersecurity-threats-1.png 713w, https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/Cybersecurity-threats-1-300x133.png 300w\" sizes=\"(max-width: 713px) 100vw, 713px\" \/><\/p>\n<p style=\"text-align: center\"><em>Figure 1. Threat detection interoperates across Microsoft 365.<\/em><\/p>\n<h3>Protect identities: Azure Active Directory (Azure AD) and Azure Advanced Threat Protection (Azure ATP)<\/h3>\n<p><a target=\"_blank\" href=\"https:\/\/azure.microsoft.com\/en-us\/features\/azure-advanced-threat-protection\/\" rel=\"noopener\">Azure ATP<\/a> provides end-to-end network security by protecting user identities and credentials stored in on-premises Active Directory, while Azure Identity Protection protects them for Azure AD. To prevent identity credential attacks, <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/azure\/active-directory\/active-directory-conditional-access-azure-portal\" rel=\"noopener\">Azure AD conditional access<\/a> detects risk events, such as users with leaked credentials, sign-ins from anonymous IP addresses, impossible travel to atypical locations, infected devices, and IP addresses with suspicious activity or unfamiliar locations.<\/p>\n<p>Azure ATP detects suspicious activities across the network attack surface, such as:<\/p>\n<ul>\n<li>Reconnaissance work, during which attackers gather information on how the environment is built, what the different assets are, and which entities exist.<\/li>\n<li>Lateral movement cycles, during which attackers invest time and effort in spreading their attack deeper inside your network.<\/li>\n<li>Domain dominance (persistence), during which attackers capture the information, allowing them to resume their campaign using various sets of entry points, credentials, and techniques.<\/li>\n<\/ul>\n<p>These services that protect specific parts of the attack surface can also share signals to alert services protecting other surfaces of the enterprise.<\/p>\n<p>Azure ATP detects these suspicious activities and surfaces the information, including a clear view of who, what, when, and how, in the <a target=\"_blank\" href=\"https:\/\/portal.atp.azure.com\/unauthorized\" rel=\"noopener\">Azure ATP workspace portal<\/a>, which can be accessed by signing in to your Azure AD user account.<\/p>\n<h3>Protect email: Microsoft Office 365 Advanced Threat Protection (Office 365 ATP)<\/h3>\n<p>Threat protection for Office 365 begins with <a target=\"_blank\" href=\"https:\/\/products.office.com\/en-us\/exchange\/exchange-email-security-spam-protection\" rel=\"noopener\">Microsoft Exchange Online Protection<\/a>, which provides protection against all known malicious links and malware. Office 365 ATP builds on this protection by offering holistic and ongoing protection across your Office 365 environment, including email and business apps, by securing user mailboxes, business-critical files, and online storage against malware campaigns in real-time.<\/p>\n<p>Office 365 ATP Safe Links helps protect your environment by offering \u201ctime-of-click\u201d protection from malicious links. If a link is unsafe, the user is warned not to visit the site or informed that the site has been blocked. Office 365 ATP and Exchange Online Protection can be configured in the <a target=\"_blank\" href=\"https:\/\/support.office.com\/en-us\/article\/About-the-Office-365-Admin-Center-758befc4-0888-4009-9f14-0d147402fd23\" rel=\"noopener\">Office 365 admin center<\/a>.<\/p>\n<h3>Protect endpoints: Windows Defender Advanced Threat Protection (Windows Defender ATP)<\/h3>\n<p>For endpoint attacks, <a target=\"_blank\" href=\"https:\/\/www.microsoft.com\/en-us\/WindowsForBusiness\/windows-atp\" rel=\"noopener\">Windows Defender ATP<\/a> provides near-instant detection and blocking of new and emerging threats using advanced file and process behavior monitoring and other heuristic solutions. These endpoint sensors collect and process behavioral signals from the operating system, which are then translated into insights, detections, and recommended responses to advanced threats. Windows Defender ATP offers dedicated protection updates based on machine learning, human and automated big-data analyses, and in-depth threat resistance research to identify attacker tools, techniques, and procedures, and to generate alerts when these are observed in collected sensor data.<\/p>\n<p>Windows Defender ATP&#8217;s application control capability is a feature of Windows 10 that provides increased security against malware and zero-day attacks by blocking anything other than trusted apps. It is managed in <a target=\"_blank\" href=\"https:\/\/securitycenter.windows.com\/\" rel=\"noopener\">Microsoft System Center Configuration Manager<\/a> (ConfigMgr).<\/p>\n<h3>Deployment tips from the experts<\/h3>\n<p>Now that you know more about how Microsoft 365 security solutions can protect your data, here are several proven tips to put it all into action.<\/p>\n<p><strong>Consider the key attack vectors. <\/strong>Devices, email, network, and identity credentials are the most common areas for cybersecurity attacks. To help secure these vectors:<\/p>\n<ul>\n<li><strong>Protect identities<\/strong>\u2014Detect suspicious activities across the network attack surface by signing in to the <a target=\"_blank\" href=\"https:\/\/portal.atp.azure.com\/unauthorized\" rel=\"noopener\">Azure ATP workspace portal<\/a> with your Azure AD user account.<\/li>\n<li><strong>Protect email<\/strong>\u2014Configure Office 365 ATP and Exchange Online Protection in the <a target=\"_blank\" href=\"https:\/\/support.office.com\/en-us\/article\/About-the-Office-365-Admin-Center-758befc4-0888-4009-9f14-0d147402fd23\" rel=\"noopener\">Office 365 admin center<\/a> to protect against malicious links and phishing attacks.<\/li>\n<li><strong>Protect endpoints<\/strong>\u2014Set up the endpoints in your organization so that Windows Defender ATP, which is built in to Windows 10, can get sensor data from them. You do this by <a target=\"_blank\" href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/security\/threat-protection\/windows-defender-atp\/onboard-configure-windows-defender-advanced-threat-protection\" rel=\"noopener\">onboarding your endpoints<\/a> to the service and by <a href=\"https:\/\/docs.microsoft.com\/en-us\/intune\/endpoint-protection-windows-10\">configuring the individual security controls<\/a>.<\/li>\n<\/ul>\n<p><strong>Plan for success with FastTrack.<\/strong> This valuable service comes with your subscription at no additional charge. Whether you\u2019re planning your initial rollout, needing to onboard your product, or driving end-user adoption, FastTrack is your benefit service that is ready to assist you. <a target=\"_blank\" href=\"https:\/\/fasttrack.microsoft.com\/microsoft365\/journey\" rel=\"noopener\">Get started at FastTrack for Microsoft 365<\/a>.<\/p>\n<h3>Want to learn more?<\/h3>\n<p>For more information and guidance on this topic, check out the \u201c<a href=\"https:\/\/na01.safelinks.protection.outlook.com\/?url=https%3A%2F%2Fquery.prod.cms.rt.microsoft.com%2Fcms%2Fapi%2Fam%2Fbinary%2FRE2wVyj&amp;data=02%7C01%7C%7Ce69dc8c7c01842878c1508d61f3accc0%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636730734730020560&amp;sdata=ugZtg9PyFxRN2Sqn4Nc6DQwYLmeYGUSc6xDkeB7Wqwc%3D&amp;reserved=0\">Cybersecurity threats:\u00a0 How to discover, remediate, and mitigate<\/a>\u201d white paper. You can find additional <a href=\"https:\/\/na01.safelinks.protection.outlook.com\/?url=https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2FResources&amp;data=02%7C01%7C%7Ce69dc8c7c01842878c1508d61f3accc0%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636730734730030572&amp;sdata=EChEVQSo8L4iHhdKeO6hnQtT9J%2B914W3N05jfbFLihs%3D&amp;reserved=0\">security resources on Microsoft.com<\/a>.<\/p>\n<p><em>More blog posts from this series:<\/em><\/p>\n<ul>\n<li><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/03\/06\/tips-for-getting-started-on-your-security-deployment\/\" rel=\"noopener\">Tips for getting started on your security deployment<\/a><\/li>\n<li><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/03\/20\/accelerate-your-security-deployment-with-fasttrack-for-microsoft-365\/\" rel=\"noopener\">Accelerate your security deployment with FastTrack for Microsoft 365<\/a><\/li>\n<li><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/05\/01\/first-things-first-envisioning-your-security-deployment\/\" rel=\"noopener\">First things first: Envisioning your security deployment<\/a><\/li>\n<li><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/05\/17\/now-that-you-have-a-plan-its-time-to-start-deploying\/\" rel=\"noopener\">Now that you have a plan, it\u2019s time to start deploying<\/a><\/li>\n<li><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/06\/18\/new-fasttrack-benefit-deployment-support-for-co-management-on-windows-10-devices\/\" rel=\"noopener\">New FastTrack benefit: Deployment support for co-management on Windows 10 devices<\/a><\/li>\n<li><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/07\/02\/assessing-microsoft-365-security-solutions-using-the-nist-cybersecurity-framework\/\" rel=\"noopener\">Assessing Microsoft 365 security solutions using the NIST Cybersecurity Framework<\/a><\/li>\n<li><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/07\/18\/enable-your-users-to-work-securely-from-anywhere-anytime-across-all-of-their-devices\/\" rel=\"noopener\">Enable your users to work securely from anywhere, anytime, across all of their devices<\/a><\/li>\n<li><a target=\"_blank\" href=\"https:\/\/cloudblogs.microsoft.com\/microsoftsecure\/2018\/08\/02\/protect-your-data-in-files-apps-and-devices\/\" rel=\"noopener\">Protect your data in files, apps, and devices<\/a><\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this blog, we explain how Microsoft 365 threat protection solutions interoperate threat detection across these attack vectors.<\/p>\n","protected":false},"author":61,"featured_media":85795,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"content-type":[3661],"topic":[3684,3688],"products":[3702,3703],"threat-intelligence":[],"tags":[3809],"coauthors":[1868],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.8 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Cybersecurity threats: How to discover, remediate, and mitigate | Microsoft Security Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybersecurity threats: How to discover, remediate, and mitigate | Microsoft Security Blog\" \/>\n<meta property=\"og:description\" content=\"This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this blog, we explain how Microsoft 365 threat protection solutions interoperate threat detection across these attack vectors.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/\" \/>\n<meta property=\"og:site_name\" content=\"Microsoft Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2018-08-13T16:00:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-16T06:00:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1400\" \/>\n\t<meta property=\"og:image:height\" content=\"839\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Debbie Seres\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Debbie Seres\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/\"},\"author\":[{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/debbie-seres\/\",\"@type\":\"Person\",\"@name\":\"Debbie Seres\"}],\"headline\":\"Cybersecurity threats: How to discover, remediate, and mitigate\",\"datePublished\":\"2018-08-13T16:00:57+00:00\",\"dateModified\":\"2023-05-16T06:00:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/\"},\"wordCount\":941,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png\",\"keywords\":[\"Security strategies\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/\",\"name\":\"Cybersecurity threats: How to discover, remediate, and mitigate | Microsoft Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png\",\"datePublished\":\"2018-08-13T16:00:57+00:00\",\"dateModified\":\"2023-05-16T06:00:13+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#primaryimage\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png\",\"width\":1400,\"height\":839,\"caption\":\"Image taken at the Microsoft Ignite Conference.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity threats: How to discover, remediate, and mitigate\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"name\":\"Microsoft Security Blog\",\"description\":\"Expert coverage of cybersecurity topics\",\"publisher\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization\",\"name\":\"Microsoft Security Blog\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"contentUrl\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png\",\"width\":512,\"height\":512,\"caption\":\"Microsoft Security Blog\"},\"image\":{\"@id\":\"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cybersecurity threats: How to discover, remediate, and mitigate | Microsoft Security Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/","og_locale":"en_US","og_type":"article","og_title":"Cybersecurity threats: How to discover, remediate, and mitigate | Microsoft Security Blog","og_description":"This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this blog, we explain how Microsoft 365 threat protection solutions interoperate threat detection across these attack vectors.","og_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/","og_site_name":"Microsoft Security Blog","article_published_time":"2018-08-13T16:00:57+00:00","article_modified_time":"2023-05-16T06:00:13+00:00","og_image":[{"width":1400,"height":839,"url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png","type":"image\/png"}],"author":"Debbie Seres","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Debbie Seres","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#article","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/"},"author":[{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/author\/debbie-seres\/","@type":"Person","@name":"Debbie Seres"}],"headline":"Cybersecurity threats: How to discover, remediate, and mitigate","datePublished":"2018-08-13T16:00:57+00:00","dateModified":"2023-05-16T06:00:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/"},"wordCount":941,"commentCount":0,"publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png","keywords":["Security strategies"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/","name":"Cybersecurity threats: How to discover, remediate, and mitigate | Microsoft Security Blog","isPartOf":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#primaryimage"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#primaryimage"},"thumbnailUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png","datePublished":"2018-08-13T16:00:57+00:00","dateModified":"2023-05-16T06:00:13+00:00","breadcrumb":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#primaryimage","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/10\/Security-Deployment-thumbnail.png","width":1400,"height":839,"caption":"Image taken at the Microsoft Ignite Conference."},{"@type":"BreadcrumbList","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2018\/08\/13\/cybersecurity-threats-how-to-discover-remediate-and-mitigate\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity threats: How to discover, remediate, and mitigate"}]},{"@type":"WebSite","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#website","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","name":"Microsoft Security Blog","description":"Expert coverage of cybersecurity topics","publisher":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#organization","name":"Microsoft Security Blog","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","contentUrl":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-content\/uploads\/2018\/08\/cropped-cropped-microsoft_logo_element.png","width":512,"height":512,"caption":"Microsoft Security Blog"},"image":{"@id":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/#\/schema\/logo\/image\/"}}]}},"distributor_meta":false,"distributor_terms":false,"distributor_media":false,"distributor_original_site_name":"Microsoft Security Blog","distributor_original_site_url":"https:\/\/www.microsoft.com\/en-us\/security\/blog","push-errors":false,"_links":{"self":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/84703"}],"collection":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/users\/61"}],"replies":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/comments?post=84703"}],"version-history":[{"count":0,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/posts\/84703\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media\/85795"}],"wp:attachment":[{"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/media?parent=84703"}],"wp:term":[{"taxonomy":"content-type","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/content-type?post=84703"},{"taxonomy":"topic","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/topic?post=84703"},{"taxonomy":"products","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/products?post=84703"},{"taxonomy":"threat-intelligence","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/threat-intelligence?post=84703"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/tags?post=84703"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/wp-json\/wp\/v2\/coauthors?post=84703"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}