behavioral blocking and containment – Computer Security Articles

Behavioral blocking and containment: Transforming optics into protection

March 18, 2020 admin behavioral blocking and containment, cybersecurity, endpoint detection and response (edr), endpoint protection platform (EPP), Endpoint security, juicy potato, Microsoft Defender Advanced Threat Protection, Microsoft Defender ATP, Microsoft security intelligence, Microsoft Threat Protection, next generation protection, qrat, Security Intelligence, Threat protection

Credit to Author: Eric Avena| Date: Mon, 09 Mar 2020 16:30:20 +0000

Behavioral blocking and containment capabilities leverage multiple Microsoft Defender ATP components and features to immediately stop attacks before they can progress. We have expanded these capabilities to get even broader visibility into malicious behavior by using a rapid protection loop engine that leverages endpoint and detection response (EDR) sensors.

The post Behavioral blocking and containment: Transforming optics into protection appeared first on Microsoft Security .

Microsoft Security

Insights from one year of tracking a polymorphic threat

November 26, 2019 admin behavior monitoring, behavior-based machine learning, behavioral blocking and containment, cybersecurity, dexphot, fileless, Microsoft security intelligence, polymorphic malware

Credit to Author: Eric Avena| Date: Tue, 26 Nov 2019 17:00:56 +0000

We discovered the polymoprhic threat Dexphot in October 2018. In the months that followed, we closely tracked the threat as attackers upgraded the malware, targeted new processes, and worked around defensive measures. One year’s worth of intelligence helped us gain insight not only into the goals and motivations of Dexphot’s authors, but of cybercriminals in general.

The post Insights from one year of tracking a polymorphic threat appeared first on Microsoft Security .

Microsoft Security

In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

October 8, 2019 admin AI and machine learning, amsi paired machine learning, automation, behavior-based machine learning, behavioral blocking and containment, cybersecurity, endpoint protection platform, Endpoint security, Microsoft Defender ATP, Microsoft security intelligence, Security Intelligence, threat and malware prevention

Credit to Author: Eric Avena| Date: Tue, 08 Oct 2019 15:00:11 +0000

Two new machine learning protection features within the behavioral blocking and containment capabilities in Microsoft Defender ATP specialize in detecting threats by analyzing behavior, adding new layers of protection after an attack has started running.

The post In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks appeared first on Microsoft Security .