8 matches found
Threat hunting in Azure Advanced Threat Protection (ATP)
As members of Microsoft’s Detection and Response Team DART, we’ve seen a significant increase in adversaries “living off the land” and using compromised account credentials for malicious purposes. From an investigation standpoint, tracking adversaries using this method is quite difficult as you...
The evolution of Microsoft Threat Protection—July update
Modern security teams need to proactively, efficiently, and effectively hunt for threats across multiple attack vectors. To address this need, today we’re excited to give you a glimpse of a new threat hunting capability coming soon to Microsoft Threat Protection. Building off the threat hunting...
The evolution of Microsoft Threat Protection, June update
Since our announcement of Microsoft Threat Protection at Microsoft Ignite, our goal has been to execute and deliver on our promise of helping organizations protect themselves from today’s sophisticated and complex threat landscape. As we close out our fiscal year, we’ve continued progress on...
Investigating identity threats in hybrid cloud environments
As the modern workplace transforms, the identity attack surface area is growing exponentially, across on-premises and cloud, spanning a multitude of endpoints and applications. Security Operations SecOps teams are challenged to monitor user activities, suspicious or otherwise, across all dimensio...
Step 10. Detect and investigate security incidents: top 10 actions to secure your environment
"Step 10. Detect and investigate security incidents" is the final installment in the Top 10 actions to secure your environment blog series. Here we walk you through how to set up Azure Advanced Threat Protection Azure ATP to secure identities in the cloud and on-premises. Azure ATP is a service i...
Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets
Our analysis of a targeted attack that used a language-specific word processor shows why its important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns. The attack exploited a vulnerability in InPage, a word processor software for specif...
Cybersecurity threats: How to discover, remediate, and mitigate
This blog is part of a series that responds to common questions we receive from customers about deployment of Microsoft 365 security solutions. In this series youll find context, answers, and guidance for deployment and driving adoption within your organization. Check out our last blog, Protect...
Securing the modern workplace with Microsoft 365 threat protection – part 3
This post is authored by Debraj Ghosh, Senior Product Marketing Manager, Microsoft 365 Security. Detecting ransomware in the modern workplace Over the last two weeks, we have shared with you the roots of Microsoft 365 threat protection and how Microsoft 365 threat protect helps protect the modern...