How IT and security teams can work together to improve endpoint security
The threat landscape has changed over the last few years.
Microsoft Defender for Endpoint
Refine results
Topic
Products and services
Publish date
Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
-
-
Microsoft recognized as a Leader in UEM Software 2022 IDC MarketScape reports
Competition for talent has increased pressure to lead in the digital space, and business decisions now weigh user experience for employees heavily among costs and benefits. -
Uncovering a macOS App Sandbox escape vulnerability: A deep dive into CVE-2022-26706
Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system. -
Introducing security for unmanaged devices in the Enterprise network with Microsoft Defender for IoT
Microsoft Defender IoT is generally available to help organizations challenged with securing unmanaged Internet of Things devices connected to the network. Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
-
Using process creation properties to catch evasion techniques
We developed a robust detection method in Microsoft Defender for Endpoint that can catch known and unknown variations of a process execution class used by attackers to evade detection. -
Forrester names Microsoft a Leader in 2022 Enterprise Detection and Response Wave™ report
Microsoft was named as a Leader in The Forrester Wave™: Enterprise Detection and Response for Q1 of 2022—the ninth Leader position for Microsoft Security in a Forrester Wave™. -
Detect active network reconnaissance with Microsoft Defender for Endpoint
Active network reconnaissance is a critical component of the cybersecurity kill chain allowing for network topography and endpoint services to be mapped and used in targeted campaigns. -
ACTINIUM targets Ukrainian organizations
The Microsoft Threat Intelligence Center (MSTIC) is sharing information on a threat group named ACTINIUM, which has been operational for almost a decade and has consistently pursued access to organizations in Ukraine or entities related to Ukrainian affairs. Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
-
Measure the effectiveness of your Microsoft security with AttackIQ
Microsoft and AttackIQ are working together to automate testing using MITRE ATT&CK and a threat-informed defense. -
Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA
We uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign. -
New macOS vulnerability, “powerdir,” could lead to unauthorized user data access
A new macOS vulnerability, “powerdir,” could allow an attacker to bypass the operating system’s TCC technology and gain unauthorized access to a user’s protected data. -
Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center
Windows 10 and Windows 11 have continued to raise the security bar for drivers running in the kernel.
