Select Page
Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP

Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP

In MITREs evaluation of endpoint detection and response solutions, Windows Defender Advanced Threat Protection demonstrated industry-leading optics and detection capabilities. The breadth of telemetry, the strength of threat intelligence, and the advanced, automatic detection through machine learning, heuristics, and behavior ... continue reading

Phishing with the Sharks Using the Attack Simulator

Hello, Paul Bergson back again. It is late fall and once again playoff time for High School and Collegiate volleyball. Women’s volleyball in Minnesota is a big deal and I have played and coached for over 30 years and I ... continue reading
Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers

Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted ... continue reading
Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks

Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks

Several weeks ago, the Windows Defender Advanced Threat Protection (Windows Defender ATP) team uncovered a new cyberattack that targeted several high-profile organizations in the energy and food and beverage sectors in Asia. Given the target region and verticals, the attack ... continue reading
Infrastructure + Security: Noteworthy News (November, 2018)

Infrastructure + Security: Noteworthy News (November, 2018)

Hi there! This is Stanislav Belov here, and you are reading the next issue of the Infrastructure + Security: Noteworthy News series! As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and ... continue reading

PowerShell Constrained Language mode and the Dot-Source Operator

PowerShell Constrained Language mode and the Dot-Source Operator PowerShell works with application control systems, such as AppLocker and Windows Defender Application Control (WDAC), by automatically running inConstrainedLanguage mode. ConstrainedLanguage mode restricts some exploitable aspects of PowerShell while still giving you ... continue reading

Security baseline (FINAL) for Windows 10 v1809 and Windows Server 2019

Microsoft is pleased to announce the final release of the security configuration baseline settings for Windows 10 October 2018 Update (a.k.a., version 1809, “Redstone 5” or “RS5”), and for Windows Server 2019. For now, download the content here: Windows-10-1809-Security-Baseline-FINAL. It ... continue reading
What’s new in Windows Defender ATP

What’s new in Windows Defender ATP

Across Windows Defender Advanced Threat Protection (Windows Defender ATP) engineering and research teams, innovation drives our mission to protect devices in the modern workplace. Our goal is to equip security teams with the tools and insights to protect, detect, investigate, ... continue reading
The evolution of Microsoft Threat Protection, November update

The evolution of Microsoft Threat Protection, November update

At Ignite 2018, we announced Microsoft Threat Protection, a comprehensive, integrated solution securing the modern workplace across identities, endpoints, user data, cloud apps, and, infrastructure (Figure 1). The foundation of the solution is the Microsoft Intelligent Security Graph, which correlates ... continue reading
Loading...