lack female developer wearing headphones; coding at her PC workspace in an enterprise office, using Visual Studio on a multi-monitor set up. Featured image for The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 2

The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 2

In this blog Jake Williams, Founder of Rendition InfoSec shares his insights on the 2020 threat landscape—who to watch for and why—and offers cybersecurity guidance and best practices on how to structure and evolve red and blue teaming within your organization.
Read more The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 2
Featured image for Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop

Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop

One missing link in the complex Solorigate attack chain is the handover from the Solorigate DLL backdoor to the Cobalt Strike loader. How exactly does the jump from the Solorigate backdoor (SUNBURST) to the Cobalt Strike loader (TEARDROP, Raindrop, and others) happen? What code gets triggered, and what indicators should defenders look for?
Read more Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
Real people. IT professionals build and maintain the LinkedIn server farm which operates on 100% renewable energy. Featured image for How IT leaders are securing identities with Zero Trust

How IT leaders are securing identities with Zero Trust

The past twelve months have been a remarkable time of digital transformation as organizations, and especially digital security teams, adapt to working remotely and shifting business operations. IT leaders everywhere turned to Zero Trust approaches to alleviate the challenges of enabling and securing remote work. Using Zero Trust to secure users, data, and devices (wherever they may be) has changed…
Read more How IT leaders are securing identities with Zero Trust
Man in a hooded sweater/sweatshirt inside a secure room, pointing at a geographic area displayed on a large monitor. Featured image for Simplify compliance and manage risk with Microsoft Compliance Manager

Simplify compliance and manage risk with Microsoft Compliance Manager

The cost of non-compliance is more than twice that of compliance costs. Non-compliance with the ever-increasing and changing regulatory requirements can have a significant impact on your organization’s brand, reputation, and revenue. According to a study by the Ponemon Institute and Globalscape, being compliant will cost you less compared to business disruptions, loss of revenue, and hefty…
Read more Simplify compliance and manage risk with Microsoft Compliance Manager
Featured image for Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender

Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender

This blog is a guide for security administrators using Microsoft 365 Defender and Azure Defender to identify and implement security configuration and posture improvements that harden enterprise environments against Solorigate’s attack patterns.
Read more Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender
Contextual image of woman working on Surface Studio2 inside office Featured image for Azure Active Directory empowers frontline workers with simplified and secure access

Azure Active Directory empowers frontline workers with simplified and secure access

Learn how frontline workers can access the productivity tools they need with simplified sign-in authentication and built-in security—directly from the shop floor.
Read more Azure Active Directory empowers frontline workers with simplified and secure access
Featured image for New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely

New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely

The new Surface Pro 7+ for Business will ship with virtualization-based security (VBS) and Hypervisor-protected code integrity (HVCI, also commonly referred to as memory integrity) enabled out of the box to give customers even stronger security that is built-in and turned on by default. The Surface Pro 7+ for Business joins existing recently shipped devices like the Surface Book 3, Surface Laptop Go, and the Surface Pro X in enabling VBS and HVCI by default.
Read more New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely
Three adults are collaborating in a conference room. One male is standing next to a Microsoft Surface Hub 50” with Microsoft Whiteboard screen shown. Featured image for Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact

Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact

GDPR, HIPPA, GLBA, all 50 U.S. States, and many countries have privacy breach reporting requirements. If an organization experiences a breach of relevant regulatory information, they must report it within the required time frame. The size and scope of this reporting effort can be massive. Using Microsoft 365 Advanced Audit and Advanced eDiscovery to better understand the scope of the breach can minimize the burden on customers as well as the financial and reputational cost to the organization.
Read more Privacy breaches: Using Microsoft 365 Advanced Audit and Advanced eDiscovery to minimize impact
Teams call with headphones at a home desk on a Lenovo ThinkPad X1 Carbon. Featured image for The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1

The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1

In this blog Jake Williams, Founder of Rendition InfoSec shares his insights on the 2020 threat landscape—who to watch for and why—and offers cybersecurity guidance and best practices on how to structure and evolve red and blue teaming within your organization.
Read more The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1
Top-down view of a bearded man in a gray/blue shirt seated at a desk working on a Surface laptop connected to three large monitors. Featured image for Forcepoint and Microsoft: Risk-based access control for the remote workforce

Forcepoint and Microsoft: Risk-based access control for the remote workforce

Forcepoint integrates with Azure Active Directory conditional access policies based on an individual’s dynamically calculated risk level.
Read more Forcepoint and Microsoft: Risk-based access control for the remote workforce
Featured image for Using Microsoft 365 Defender to protect against Solorigate

Using Microsoft 365 Defender to protect against Solorigate

This blog is a comprehensive guide for security operations and incident response teams using Microsoft 365 Defender to identify, investigate, and respond to the Solorigate attack if it’s found in your environment.
Read more Using Microsoft 365 Defender to protect against Solorigate
Man in a collared shirt working on a server station inside a secure room. Coworkers and large monitors are in the background. Keywords: network security, on-premise security, threat protection, secure score, monitoring, security management, operations, Microsoft Security collection Featured image for Advice for incident responders on recovery from systemic identity compromises

Advice for incident responders on recovery from systemic identity compromises

Customers across the globe are asking for guidance on recovering their infrastructure after being impacted by Solorigate. DART walks you through remediation steps as well as some longer term mitigations.
Read more Advice for incident responders on recovery from systemic identity compromises