The evolution of Microsoft Threat Protection, January update
Learn about the top feature updates for Microsoft Threat Protection in January.
Incident response
Incident response is the process of detecting, investigating, and responding to cyberattacks, security breaches, or IT incidents. Explore the latest trends and intelligence-driven strategies that help you prevent future attacks.
Refine results
Topic
Products and services
Publish date
Secure and verify every identity with Microsoft Entra
Microsoft Entra expands beyond identity and access management with new product categories such as cloud infrastructure entitlement management (CIEM) and decentralized identity.
-
-
Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP
In MITRE’s evaluation of endpoint detection and response solutions, Windows Defender Advanced Threat Protection demonstrated industry-leading optics and detection capabilities. -
Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers
Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. -
Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks
Several weeks ago, the Windows Defender Advanced Threat Protection (Windows Defender ATP) team uncovered a new cyberattack that targeted several high-profile organizations in the energy and food and beverage sectors in Asia. Prevent threats with Microsoft Defender
The Microsoft Defender family offers comprehensive threat prevention, detection, and response capabilities for everyone—from individuals looking to protect their family to the world’s largest enterprises.
-
What’s new in Windows Defender ATP
We added new capabilities to each of the pillars of Windows Defender ATP’s unified endpoint protection platform: improved attack surface reduction, better-than-ever next-gen protection, more powerful post-breach detection and response, enhanced automation capabilities, more security insights, and expanded threat hunting. -
CISO series: Partnering with the C-Suite on cybersecurity
In my last blog, we looked at five communication techniques that can help engage business managers in the work of cybersecurity. -
Making it real—harnessing data gravity to build the next gen SOC
In this post we address the question: “How do we make data gravity a reality in the security operations center (SOC) while we are under increased and constant pressure from motivated threat actors?” -
Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV
Removing the need for files is the next progression of attacker techniques. Modernize your Security Operations Center with Microsoft Sentinel
Microsoft Sentinel is a cloud-native SIEM solution powered by AI and automation that delivers intelligent security analytics across your entire enterprise.
-
Delivering security innovation that puts Microsoft’s experience to work for you
Cybersecurity is the central challenge of our digital age. -
Small businesses targeted by highly localized Ursnif campaign
In social engineering attacks, is less really more? A new malware campaign puts that to the test by targeting home users and small businesses in specific US cities. -
Attack inception: Compromised supply chain within a supply chain poses new risks
A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. -
Assessing Microsoft 365 security solutions using the NIST Cybersecurity Framework
Microsoft 365 security solutions are designed to help you empower your users to do their best work securely, from anywhere and with the tools they love.
