Inside Microsoft Threat Intelligence: Calm in the chaos
Incident response is never orderly. Threat actors don’t wait.
Microsoft Incident Response
Refine results
Topic
Products and services
Publish date
-
-
StilachiRAT analysis: From system reconnaissance to cryptocurrency theft
Microsoft Incident Response uncovered a novel remote access trojan (RAT) named StilachiRAT, which demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data. -
Build a stronger security strategy with proactive and reactive incident response: Cyberattack Series
Find out how a cyberattack by Storm-2077 was halted faster because the Microsoft Incident Response team is both proactive and reactive at the same time. -
The art and science behind Microsoft threat hunting: Part 3
In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios. Retain Microsoft Security Experts
Microsoft Security Experts are now available to strengthen your team with managed security services. Learn how to defend against threats with security experts.
-
How to boost your incident response readiness
Discover key steps to bolster incident response readiness, from disaster recovery plans to secure deployments, guided by insights from the Microsoft Incident Response team. -
New Microsoft Incident Response guide helps simplify cyberthreat investigations
Discover how to fortify your organization’s cybersecurity defense with this practical guide on digital forensics from Microsoft’s Incident Response team. -
How Microsoft Incident Response and Microsoft Defender for Identity work together to detect and respond to cyberthreats
Learn how Microsoft Incident Response works together with Microsoft Defender for Identity to give customers fast, flexible service—before, during, or after a cybersecurity incident occurs. -
New Microsoft Incident Response guides help security teams analyze suspicious activity
Access the first two cloud investigation guides from Microsoft Incident Response to improve triage and analysis of data in Microsoft 365 and Microsoft Entra ID. Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
-
New Microsoft Incident Response team guide shares best practices for security teams and leaders
The Microsoft Incident Response team shares a downloadable, interactive, people-centric, guide to effective incident response. -
Microsoft Incident Response lessons on preventing cloud identity compromise
In real-world customer engagements, Microsoft IR sees combinations of issues and misconfigurations that could lead to attacker access to customers’ Microsoft Entra ID tenants. -
Protecting credentials against social engineering: Cyberattack Series
Our fourth installation in the Cyberattack Series examines a smishing and social engineering attack and outlines the steps organizations can take to help minimize the risk and prepare for the possibility. -
An integrated incident response solution with Microsoft and PwC
Microsoft Incident Response and PwC have announced a new global alliance to expand their joint Incident Response and Recovery capability.
