The art and science behind Microsoft threat hunting: Part 3
In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios.
In this blog post, read how Microsoft Incident Response leverages three types of threat intelligence to enhance incident response scenarios.
We examine the recent CrowdStrike outage and provide a technical overview of the root cause.
Discover key steps to bolster incident response readiness, from disaster recovery plans to secure deployments, guided by insights from the Microsoft Incident Response team.
When an active incident leaves systems vulnerable, a mass password reset may be the right tool to restore security. This post explores the necessity and risk associated with mass password resets.
Discover how to fortify your organization’s cybersecurity defense with this practical guide on digital forensics from Microsoft’s Incident Response team.
Learn how Microsoft Incident Response works together with Microsoft Defender for Identity to give customers fast, flexible service—before, during, or after a cybersecurity incident occurs.
Access the first two cloud investigation guides from Microsoft Incident Response to improve triage and analysis of data in Microsoft 365 and Microsoft Entra ID.
The Microsoft Incident Response team shares a downloadable, interactive, people-centric, guide to effective incident response.
In real-world customer engagements, Microsoft IR sees combinations of issues and misconfigurations that could lead to attacker access to customers’ Microsoft Entra ID tenants. Reducing risk and exposure of your most privileged accounts plays a critical role in preventing or detecting attempts at tenant-wide compromise.
Our fourth installation in the Cyberattack Series examines a smishing and social engineering attack and outlines the steps organizations can take to help minimize the risk and prepare for the possibility.
Microsoft Incident Response and PwC have announced a new global alliance to expand their joint Incident Response and Recovery capability.
Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for many organizations across multiple industries.