Skip to main content
Microsoft Security

Research

Explore in-depth research on the latest cybersecurity threats, trends, and defense strategies. Get insights from Microsoft thatโ€™ll help you better understand and respond to todayโ€™s challenges.

Refine Results

Filtered by

Clear All
  • Research

Refine results

Sort By
Content Type
Research (402)
Industry trends (3)
News (2)
Events (0)
Best practices (0)
Topic
Threat intelligence (378)
Incident response (33)
AI and agents (16)
Security operations (8)
Endpoint security (8)
Actionable threat insights (8)
Cloud security (6)
Defending against advanced tactics (5)
Analyst reports (5)
Threat trends (4)
Internet of Things (IoT) security (4)
Zero Trust (3)
Security management (3)
Identity and access management (3)
Small and medium business (2)
Email security (2)
Detection and protection success stories (2)
SIEM and XDR (1)
Office of the CISO (1)
Multifactor authentication (1)
Data security (1)
Secure remote work (0)
Risk management (0)
Privacy (0)
Network security (0)
MISA (0)
Microsoft Secure Future Initiative (0)
Information protection and governance (0)
Device management (0)
Data protection (0)
Compliance (0)
Built-in security (0)
Products and services
Microsoft Defender (165)
Microsoft Defender for Endpoint (104)
Microsoft Defender XDR (64)
Microsoft Defender for Office 365 (29)
Microsoft Defender Threat Intelligence (22)
Microsoft Defender Vulnerability Management (19)
Microsoft Defender for Cloud Apps (19)
Microsoft Defender for Cloud (18)
Microsoft Defender for Identity (15)
Microsoft Defender for IoT (9)
Microsoft Defender External Attack Surface Management (4)
Microsoft Defender for Business (0)
Microsoft Sentinel (39)
Microsoft Security Experts (21)
Microsoft Incident Response (8)
Microsoft Defender Experts for XDR (8)
Microsoft Defender Experts for Hunting (7)
Microsoft Security Services for Enterprise (0)
Microsoft Entra (17)
Microsoft Entra ID (11)
Microsoft Entra ID Protection (7)
Microsoft Entra Workload ID (1)
Microsoft Entra Verified ID (0)
Microsoft Entra Private Access (0)
Microsoft Entra Internet Access (0)
Microsoft Entra ID Governance (0)
Microsoft Entra External ID (0)
Microsoft Security Copilot (8)
Microsoft Purview (2)
Microsoft Purview Insider Risk Management (1)
Microsoft Purview Data Loss Prevention (1)
Microsoft Purview Information Protection (0)
Microsoft Purview eDiscovery (0)
Microsoft Purview Data Lifecycle Management (0)
Microsoft Purview Compliance Manager (0)
Microsoft Purview Communication Compliance (0)
Microsoft Purview Audit (0)
Microsoft Intune (2)
Microsoft Priva (0)
Microsoft Priva Subject Rights Requests (0)
Microsoft Priva Risk Management (0)
Microsoft Entra Agent ID (0)
Publish date

  • Streamline privacy management with Microsoft Priva

    Protect and govern personal information, reduce privacy risks, and manage subject rights requests at scale with Microsoft Priva privacy risk management solutions.

    Learn more
  • a conference room of people sitting around a table
    • 13 min read

    Staying ahead of threat actors in the age of AI

    Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others.
  • Photo of a security team huddling in security operations center
    • 10 min read

    Midnight Blizzard: Guidance for responders on nation-state attack

    The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access.

  • Simplify endpoint management with Microsoft Intune

    Microsoft Intune is a cloud-based unified endpoint management platform that empowers IT to manage, assess, and protect apps and devices.

    Learn more
  • Photo of an enterprise office worker in focused work with a neutral facial expression.
    • 10 min read

    Financially motivated threat actors misusing App Installer

    Since mid-November 2023, Microsoft Threat Intelligence has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, utilizing the ms-appinstaller URI scheme (App Installer) to distribute malware.
  • Photo of business woman and man in separate glass elevators.
    • 28 min read

    Star Blizzard increases sophistication and evasion in ongoing attacks

    Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has continuously improved their detection evasion capabilities while remaining focused on email credential theft against targets.
  • Developers on-the-go, meeting up in the lobby. Male and female developers collaborating outside the office.
    • 6 min read

    Microsoft shares threat intelligence at CYBERWARCON 2023

    At the CYBERWARCON 2023 conference, Microsoft and LinkedIn analysts are presenting several sessions detailing analysis across multiple sets of threat actors and related activity, demonstrating Microsoft Threat Intelligence’s ongoing efforts to track threat actors, protect customers, and share information with the wider security community.
Load More

Get started with Microsoft Security

Protect your people, data, and infrastructure with AI-powered, end-to-end security from Microsoft.

Learn how

Connect with us on social