Microsoft Sentinel

Microsoft Sentinel is a security information and event management (SIEM) solution that helps you uncover and quickly respond to sophisticated threats. Explore case studies, product updates, and best practices to help you strengthen your security and reduce response times.

Refine Results

Filtered by

Clear All

Microsoft Sentinel

Refine results

Sort By

Content Type

Topic

Products and services

Publish date

Start Date

End Date

Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
Learn more
July 16

7 min read

Protecting customers from Octo Tempest attacks across multiple industries

To help protect and inform customers, Microsoft highlights protection coverage across the Microsoft Defender security ecosystem to protect against threat actors like Octo Tempest.
July 10

4 min read

Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report

Employing a Zero Trust strategy is an effective way to modernize security infrastructure to protect against ever evolving security challenges.
July 7

4 min read

Learn how to build an AI-powered, unified SOC in new Microsoft e-book

Read Coordinated Defense: Building an AI-powered, unified SOC, the new e-book on how organizations can unify security operations to better meet the challenges of today’s cyberthreat landscape.
July 1

4 min read

Planning your move to Microsoft Defender portal for all Microsoft Sentinel customers

Microsoft is transitioning Microsoft Sentinel into the Microsoft Defender portal to create a unified security operations experience.
Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
Learn more
June 30

18 min read

Jasper Sleet: North Korean remote IT workers’ evolving tactics to infiltrate organizations

Since 2024, Microsoft Threat Intelligence has observed remote IT workers deployed by North Korea leveraging AI to improve the scale and sophistication of their operations, steal data, and generate revenue for the North Korean government.
June 24

5 min read

Microsoft is named a Leader in The Forrester Wave™: Security Analytics Platforms, 2025

Microsoft is proud to be named a Leader in The Forrester Wave™: Security Analytics Platforms, Q2 2025—which we believe reflects our deep investment in innovation and commitment to support SOC’s critical mission.
April 9

13 min read

Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI

Exchange Server and SharePoint Server are business-critical assets and considered crown-jewels for many organizations, making them attractive targets for attacks.
April 3

13 min read

Threat actors leverage tax season to deploy tax-themed phishing campaigns

As Tax Day approaches in the United States on April 15, Microsoft has detected several tax-themed phishing campaigns employing various tactics.
Streamline privacy management with Microsoft Priva
Protect and govern personal information, reduce privacy risks, and manage subject rights requests at scale with Microsoft Priva privacy risk management solutions.
Learn more
April 1

4 min read

Transforming public sector security operations in the AI era

Read how Microsoft’s unified security operations platform can use generative AI to transform cybersecurity for the public sector.
March 17

13 min read

StilachiRAT analysis: From system reconnaissance to cryptocurrency theft

Microsoft Incident Response uncovered a novel remote access trojan (RAT) named StilachiRAT, which demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data.
March 13

10 min read

Phishing campaign impersonates Booking.com, delivers a suite of credential-stealing malware

Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.
February 13

10 min read

Storm-2372 conducts device code phishing campaign

Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372.