Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks

Credit to Author: Eric Avena | Date: Tue, 17 Mar 2020 16:00:49 +0000

Secured-core PCs combine virtualization, operating system, and hardware and firmware protection. Along with Microsoft Defender ATP, Secured-core PCs provide end-to-end protection against advanced attacks that leverage driver vulnerabilities to gain kernel privileges.

The post Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks appeared first on Microsoft Security.

Behavioral blocking and containment: Transforming optics into protection

Credit to Author: Eric Avena | Date: Mon, 09 Mar 2020 16:30:20 +0000

Behavioral blocking and containment capabilities leverage multiple Microsoft Defender ATP components and features to immediately stop attacks before they can progress. We have expanded these capabilities to get even broader visibility into malicious behavior by using a rapid protection loop engine that leverages endpoint detection and response (EDR) sensors.

The post Behavioral blocking and containment: Transforming optics into protection appeared first on Microsoft Security.

Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals

Credit to Author: Todd VanderArk | Date: Thu, 20 Feb 2020 14:00:43 +0000

Azure Sentinel Fusion technology uses powerful machine learning methods to enable your SecOps team to focus on the threats that matter.

The post Azure Sentinel uncovers the real threats hidden in billions of low fidelity signals appeared first on Microsoft Security.

Building on secure productivity

Credit to Author: Todd VanderArk | Date: Wed, 12 Feb 2020 17:00:08 +0000

Announcing Safe Documents and Application Guard, new Microsoft 365 features that bring together Windows 10, Office 365, and Microsoft Defender ATP to help users stay secure and productive.

The post Building on secure productivity appeared first on Microsoft Security.

Threat hunting in Azure Advanced Threat Protection (ATP)

Credit to Author: Todd VanderArk | Date: Tue, 07 Jan 2020 17:00:53 +0000

DART was called into an engagement where the adversary had a foothold within the on-premises network, which had been gained through compromising cloud credentials. Luckily, this customer had deployed Azure ATP prior to the incident and it had already normalized authentication and identity transactions within the customer network.

The post Threat hunting in Azure Advanced Threat Protection (ATP) appeared first on Microsoft Security.

CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life

Credit to Author: Todd VanderArk | Date: Mon, 23 Dec 2019 17:00:57 +0000

In this next post in our series, we provide insight into a day in the life of our SOC analysts investigating common front door attacks.

The post CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life appeared first on Microsoft Security.

Mobile threat defense and intelligence are a core part of cyber defense

Credit to Author: Todd VanderArk | Date: Thu, 19 Dec 2019 17:00:32 +0000

To safeguard company assets, organizations need to augment their global cyber defense strategy with mobile threat intelligence.

The post Mobile threat defense and intelligence are a core part of cyber defense appeared first on Microsoft Security.
