Microsoft security intelligence

Security research, threat intelligence, and Microsoft Threat Protection news.

Featured image for Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise

Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise

Experts on demand is now generally available and gives customers direct access to real-life Microsoft threat analysts to help with their security investigations.
Read more Experts on demand: Your direct line to Microsoft security insight, guidance, and expertise
Featured image for Top 6 email security best practices to protect against phishing attacks and business email compromise

Top 6 email security best practices to protect against phishing attacks and business email compromise

What should IT and security teams be looking for in an email security solution to protect all their users, from frontline workers to the C-suite? Here are 6 tips to ensure your organization has a strong email security posture.
Read more Top 6 email security best practices to protect against phishing attacks and business email compromise
Featured image for In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

Two new machine learning protection features within the behavioral blocking and containment capabilities in Microsoft Defender ATP specialize in detecting threats by analyzing behavior, adding new layers of protection after an attack has started running.
Read more In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks
Featured image for CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools

CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools

In the next post of our series, we provide tips on choosing technology to help a security operations center (SOC) be more responsive, effective, and collaborative.
Read more CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools
Featured image for Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave

Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave

Microsoft is positioned as a leader in The Forrester Wave™: Endpoint Security Suites, Q3 2019, receiving among the second highest scores in both the strategy and market presence categories.
Read more Forrester names Microsoft a Leader in 2019 Endpoint Security Suites Wave
Featured image for Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

A new fileless malware campaign we dubbed Nodersok delivers two very unusual LOLBins to turn infected machines into zombie proxies.
Read more Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware
Featured image for Operational resilience begins with your commitment to and investment in cyber resilience

Operational resilience begins with your commitment to and investment in cyber resilience

Operational resilience cannot be achieved without a true commitment to and investment in cyber resilience.
Read more Operational resilience begins with your commitment to and investment in cyber resilience
Featured image for Deep learning rises: New methods for detecting malicious PowerShell

Deep learning rises: New methods for detecting malicious PowerShell

We adopted a deep learning technique that was initially developed for natural language processing and applied to expand Microsoft Defender ATP's coverage of detecting malicious PowerShell scripts, which continue to be a critical attack vector.
Read more Deep learning rises: New methods for detecting malicious PowerShell
Featured image for Gartner names Microsoft a Leader in 2019 Endpoint Protection Platforms Magic Quadrant

Gartner names Microsoft a Leader in 2019 Endpoint Protection Platforms Magic Quadrant

Gartner named Microsoft a Leader in the 2019 Gartner Magic Quadrant for Endpoint Protection Platforms, positioned highest in execution.
Read more Gartner names Microsoft a Leader in 2019 Endpoint Protection Platforms Magic Quadrant
Featured image for From unstructured data to actionable intelligence: Using machine learning for threat intelligence

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

Machine learning and natural language processing can automate the processing of unstructured text for insightful, actionable threat intelligence.
Read more From unstructured data to actionable intelligence: Using machine learning for threat intelligence
Featured image for A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry.
Read more A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response
Featured image for How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection

How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection

The deep integration of Windows Defender Antivirus with hardware-based isolation capabilities allows the detection of artifacts of attacks that tamper with kernel-mode agents at the hypervisor level.
Read more How Windows Defender Antivirus integrates hardware-based system integrity for informed, extensive endpoint protection