Microsoft Detection and Response Team (DART)

A blog series focused on the latest attack methods as well as cybersecurity best practices derived from our investigations and engagements, helping our customers respond to compromises and become cyber-resilient.

Advice for incident responders on recovery from systemic identity compromises

A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture

Best practices for defending Azure Virtual Machines

Microsoft Office 365—Do you have a false sense of cloud security?

CISO Series: Lessons learned from the Microsoft SOC—Part 3c: A day in the life part 2

Full Operational Shutdown—another cybercrime case from the Microsoft Detection and Response Team

Real-life cybercrime stories from DART, the Microsoft Detection and Response Team

Ghost in the shell: Investigating web shell attacks

Threat hunting in Azure Advanced Threat Protection (ATP)

Norsk Hydro responds to ransomware attack with transparency

Ransomware response—to pay or not to pay?

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1
