Microsoft announces cloud innovation to simplify security, compliance, and identity

Read more Microsoft announces cloud innovation to simplify security, compliance, and identity
An image of the Microsoft Cyber Defense Operations Center. Featured image for Microsoft Security—detecting empires in the cloud

Microsoft Security—detecting empires in the cloud

Microsoft threat analysts have detected another evolution in GADOLINIUM’s tooling that the security community should understand when establishing defenses.
Read more Microsoft Security—detecting empires in the cloud
An image of the Microsoft Cyber Defense Operations Center. Featured image for STRONTIUM: Detecting new patterns in credential harvesting

STRONTIUM: Detecting new patterns in credential harvesting

Microsoft has tied STRONTIUM to a newly uncovered pattern of Office365 credential harvesting activity aimed at US and UK organizations directly involved in political elections.
Read more STRONTIUM: Detecting new patterns in credential harvesting
An image of a female tech worker sitting at a table working on her laptop. Featured image for How can Microsoft Threat Protection help reduce the risk from phishing?

How can Microsoft Threat Protection help reduce the risk from phishing?

The true costs from phishing may be higher than you think. Microsoft Threat Protection can help you mitigate your risk.
Read more How can Microsoft Threat Protection help reduce the risk from phishing?
Featured image for Inside Microsoft Threat Protection: Solving cross-domain security incidents through the power of correlation analytics

Inside Microsoft Threat Protection: Solving cross-domain security incidents through the power of correlation analytics

Through deep correlation logic, Microsoft Threat Protection automatically finds links between related signals across domains. It connects related existing alerts and generates additional alerts where suspicious events that could otherwise be missed can be detected.
Read more Inside Microsoft Threat Protection: Solving cross-domain security incidents through the power of correlation analytics
Featured image for Inside Microsoft Threat Protection: Correlating and consolidating attacks into incidents

Inside Microsoft Threat Protection: Correlating and consolidating attacks into incidents

The incidents view in Microsoft Threat Protection empowers SOC analysts by automatically fusing attack evidence and providing a consolidated view of an attack chain and affected assets, as well as a single-click remediation with easy-to-read analyst workflows.
Read more Inside Microsoft Threat Protection: Correlating and consolidating attacks into incidents
A photograph of Male working on Surface Laptop 3 in PowerPoint with Surface Mouse and Surface Headphones. Featured image for Afternoon Cyber Tea: Cybersecurity & IoT: New risks and how to minimize them

Afternoon Cyber Tea: Cybersecurity & IoT: New risks and how to minimize them

Every year billions of new connected devices come online. These devices enable businesses to finetune operations, optimize processes, and develop analytics-based services.
Read more Afternoon Cyber Tea: Cybersecurity & IoT: New risks and how to minimize them
An image of a woman wearing a dark shirt in a dim office scrolling or working on a Microsoft Surface Studio. Featured image for Best security, compliance, and privacy practices for the rapid deployment of publicly facing Microsoft Power Apps intake forms

Best security, compliance, and privacy practices for the rapid deployment of publicly facing Microsoft Power Apps intake forms

Security is a major concern of not only major governments but of other entities using Microsoft Power App intake forms.
Read more Best security, compliance, and privacy practices for the rapid deployment of publicly facing Microsoft Power Apps intake forms
An image of a black male developer at work in an Enterprise office workspace. Featured image for Lessons learned from the Microsoft SOC—Part 3d: Zen and the art of threat hunting

Lessons learned from the Microsoft SOC—Part 3d: Zen and the art of threat hunting

This blog provides lessons learned on how Microsoft hunts for threats in our IT environment and how you can apply these lessons to building or improving your threat hunting program. This is the seventh in a series.
Read more Lessons learned from the Microsoft SOC—Part 3d: Zen and the art of threat hunting
Featured image for Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint

Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint

In the first blog in the Inside Microsoft Threat Protection series, we will show how MTP provides unparalleled end-to-end visibility into the activities of nation-state level attacks like HOLMIUM.
Read more Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint
Featured image for Exploiting a crisis: How cybercriminals behaved during the outbreak

Exploiting a crisis: How cybercriminals behaved during the outbreak

Cybercriminals adapted their tactics to match what was going on in the world, and what we saw in the threat environment was parallel to the uptick in COVID-19 headlines and the desire for more information.
Read more Exploiting a crisis: How cybercriminals behaved during the outbreak
Male developer working remotely from a café. Featured image for Zero Trust—Part 1: Networking

Zero Trust—Part 1: Networking

Taking a Zero Trust approach can help to ensure optimal security without compromising end user application experiences.
Read more Zero Trust—Part 1: Networking
Featured image for Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation

Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation

Inspired by MITRE's transparency in publishing the payloads and tools used in the attack simulation, we’ll describe the mystery that is Step 19 and tell a story about how blue teams, once in a while, can share important learnings for red teams.
Read more Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation