-
-
Forrester names Microsoft a Leader in the 2023 Endpoint Security Waveâ„¢ report
Microsoft has been named a Leader in The Forrester Waveâ„¢: Endpoint Security, Q4 2023 report. -
Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability
Since early October 2023, Microsoft has observed North Korean nation-state threat actors Diamond Sleet and Onyx Sleet exploiting the Jet Brains TeamCity CVE-2023-42793 remote-code execution vulnerability. Given supply chain attacks carried out by these threat actors in the past, Microsoft assesses that this activity poses a particularly high risk to organizations who are affected. -
Microsoft Defender for Endpoint now stops human-operated attacks on its own
Today, we're pleased to announce that Microsoft Defender for Endpoint customers will now be able automatically to disrupt human-operated attacks like ransomware early in the kill chain without needing to deploy any other capabilities. Now, organizations only need to onboard their devices to Defender for Endpoint to start realizing the benefits of attack disruption. -
Automatic disruption of human-operated attacks through containment of compromised user accounts
User containment is a unique and innovative defense mechanism that stops human-operated attacks in their tracks. We’ve added user containment to the automatic attack disruption capability in Microsoft Defender for Endpoint. User containment is automatically triggered by high-fidelity signals and limits attackers’ ability to move laterally within a network regardless of the compromised account’s Active Directory state or privilege level. -
Malware distributor Storm-0324 facilitates ransomware access
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool […] -
New Microsoft Security innovations expand multicloud visibility and enhance multiplatform protection
Gain greater visibility into your multicloud environments to better understand your security posture, minimize risk, and detect and respond to threats in real time. -
Microsoft Inspire: Partner resources to prepare for the future of security with AI
Microsoft Inspire is an incredible opportunity to share all the ways AI can support security efforts with our partner ecosystem. Register to hear strategies to prepare your organization for AI with comprehensive security and security posture. -
Microsoft Defender for Endpoint is ranked number one in market share in the IDC Worldwide Corporate Endpoint Security Market Shares report, 2022
Today, we are proud to share that Microsoft is ranked number one in market share in the IDC Worldwide Corporate Endpoint Security Market Shares report, 2022. More customers choose and trust Microsoft Defender for Endpoint and Microsoft Defender for Business to defend their multiplatform devices than any other vendor. -
Why endpoint management is key to securing an AI-powered future
With the coming wave of AI, this is precisely the time for organizations to prepare for the future. To be properly ready for AI, Zero Trust principles take on new meaning and scope. The right endpoint management strategy can help provide the broadest signal possible and make your organization more secure and productive for years to come.
Secure and verify every identity with Microsoft Entra
Microsoft Entra expands beyond identity and access management with new product categories such as cloud infrastructure entitlement management (CIEM) and decentralized identity.
Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
