Microsoft Defender Threat Intelligence
Help protect your organization from modern adversaries and cyberthreats such as ransomware.Â
Attend the new security track at Microsoft Ignite
Try new capabilities with hands-on demos, learn how to extend AI-powered protection across clouds and platforms, and explore proven security strategies November 15-16, 2023.
Uncover your adversaries
Expose and eliminate modern cyberthreats and their infrastructure using dynamic cyberthreat intelligence.
Identify attackers and their tools
Understand your adversaries and their online infrastructures to identify your potential cyberthreat exposures using a complete map of the internet.
Accelerate cyberthreat detection and remediation
Discover the full scope of a cyberattack. Understand an online adversary’s entire toolkit, prevent access by all their machines and known entities, and continuously block IP addresses or domains.
Enhance your security tools and workflows
Extend the reach and visibility of your existing security investments. Use the raw cyberthreat intelligence from your security tools and workflows, via an API, to gain more context and understand cyberthreats more deeply.
Microsoft Defender Threat Intelligence
Gain an unparalleled view of the ever-changing cyberthreat landscape. Defender Threat Intelligence maps the entire internet to expose cyberthreat actors and their infrastructures. Get the cyberthreat intelligence you need to block an entire cyberattack and keep your organization safe from complex cyberthreats such as ransomware.Â
Capabilities
Uncover and help eliminate cyberthreats with Defender Threat Intelligence.Â
Get continuous cyberthreat intelligence
Scan the internet to create a complete picture of day-to-day changes. Create cyberthreat intelligence for your own business to understand and reduce exposure.
Expose adversaries and their methods
Understand the group behind an online cyberattack, their methods, and how they typically operate.
Enhance alert investigations
Enrich Microsoft Sentinel and Microsoft 365 Defender incident data with external cyberthreat intelligence to uncover the full scale of a cyberthreat or cyberattack.
Accelerate incident response
Investigate and remove malicious infrastructure such as domains and IPs and all the known tools and resources operated by a cyberattacker or cyberthreat family.
Hunt cyberthreats as a team
Easily collaborate on investigations across teams using the Defender Threat Intelligence workbench and share knowledge of cyberthreats with Intel Profiles.
Expand prevention and improve security posture
Automatically uncover malicious entities and help stop outside cyberthreats by blocking internal resources from accessing dangerous internet resources.
Give security teams an edge with Microsoft Security Copilot
Powerful new capabilities, new integrations, and industry-leading generative AI—now available in early access.
Join the Microsoft Defender Threat Intelligence Community
Register for free to help safeguard your organization while contributing to community protection.
How Microsoft Defender Threat Intelligence works
Microsoft tracks more than 65 trillion signals daily, helping security teams identify vulnerabilities with greater efficacy and stay ahead of today's cyberthreats.
Integrated cyberthreat protection with SIEM and XDR
Empower your security teams to effectively protect your digital estate by combining extended detection and response (XDR) and security information and event management (SIEM).
Microsoft 365 Defender
Get unified security and visibility across endpoints, identities, emails, and cloud apps with an industry-leading XDR solution.
Microsoft Sentinel
Aggregate security data and correlate alerts from virtually any source with cloud-native SIEMÂ from Microsoft.
Microsoft Defender for Cloud
Help protect your multicloud and hybrid cloud workloads with built-in XDR capabilities.
Related products
Use industry-leading Microsoft security products to help prevent and detect cyberattacks across your organization.
Microsoft Sentinel
See and stop cyberthreats across your entire enterprise with intelligent security analytics.
Microsoft Defender for Cloud
Increase protection in your multicloud and hybrid environments.
Microsoft Defender External Attack Surface Management
Understand your security posture beyond the firewall.
Additional resources
Read the cyberthreat intelligence blog
Learn about the new cyberthreat intelligence offerings from Microsoft.
Help protect your business with cyberthreat intelligence
Learn how to use internet cyberthreat intelligence to defend your organization against cyberattacks.
Best practices and implementation
Get started with cyberthreat intelligence solutions for your organization today.
Visit the Microsoft Defender Threat Intelligence blog
Learn from Defender Threat Intelligence experts, see what's new, and let us hear from you.
Follow Microsoft