Microsoft Defender Experts for Hunting

Proactive threat hunting that extends beyond the endpoint.

Get started

Learn more

Two people working together at a desktop.

Microsoft Defender Experts for Hunting is generally available

Extend your team of experts and reduce risk via more accurate detection.

Read the announcement

Proactive, comprehensive threat hunting

Unify cross-domain signals that go beyond the endpoint with Defender Experts for Hunting.

Expertise on demand

Let our experts handle threat investigation and provide you with remediation instructions.

Cross-domain hunting

Get a full picture of the attack story as we reason over 24 trillion cross-domain threat signals each day.

Fast deployment

Deploy threat hunting in hours across all Microsoft 365 Defender products.

Our proactive threat hunting process

View full size

Watch the video

More about this diagram

Included capabilities

Threat hunting and analysis

Let Microsoft threat-hunting experts look deeper to expose advanced threats and correlate across the stack.

Experts on Demand

Consult a Microsoft security expert about a specific incident, nation-state actor, or attack vector.

Defender Experts Notifications

Receive incident notifications in Microsoft 365 Defender to help improve your security operations center (SOC) response.

Hunter-trained AI

Improve threat discovery and prioritization with automated tools trained by our security experts based on their learnings.

Reports

Receive an interactive experience showing what we hunted and our findings.

Bridgewater goes all in on Microsoft Defender Experts

“Only Microsoft offers a coherent architecture that combines end-to-end security solutions with such a high and broad degree of productivity, hardware, and tight interoperability.”

Igor Tsyganskiy, CTO, Bridgewater Associates

Learn more

DGS Law raises the security bar with Microsoft Security Experts

DGS Law raises the security bar with Microsoft Defender Experts

“This threat hunting service could work for many kinds of organizations needing a turn-key solution they can get up and running in days without a full security team.”

Chad Ergun, CIO, Davis Graham & Stubbs LLP

Learn more

Additional resources

Threat hunter webcast

Watch Tracking the Adversary, a webcast for new security analysts and seasoned threat hunters.

Learn more

Log4j prevention

Find guidance to prevent, detect, and hunt for exploitation of the Log4j 2 vulnerability.

Learn more

Active network reconnaissance detection

Find out how to stay ahead of threat actors’ evolving tactics and techniques.

Learn more

Microsoft Defender Experts for Hunting

Find out how Microsoft can help provide proactive threat hunting that extends beyond the endpoint.

Get started

This diagram describes how Microsoft hunts beyond endpoints and provides recommendations in a five-step process. Starting with formulating a hypothesis to explain data suggesting a potential threat, then finding context using artificial intelligence and observation. Then Microsoft hunts and collects more data to investigate and analyze the most critical threats. From there, Microsoft notifies customers of the findings with recommendations.