Select Page
Red Canary by the numbers: 20,000 endpoints, 51 billion telemetry records, 69,886 tipoffs, 3,943 significant events, 74 detections, and 17 high-severity attacks.

How Red Canary and Microsoft can help reduce your alert fatigue

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Security alert fatigue Organizations often feel overwhelmed by the number of security alerts they receive. Frustrated by alert fatigue, these organizations want a deeper understanding ... continue reading
Partner relationships page in the Microsoft 365 admin center.

How to investigate service provider trust chains in the cloud

In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to ... continue reading
Column chart showing number of notifications for 2019, 2020, and 2021

Iranian targeting of IT sector on the rise

Iranian threat actors are increasing attacks against IT services companies as a way to access their customers’ networks. This activity is notable because targeting third parties has the potential to exploit more sensitive organizations by taking advantage of trust and ... continue reading
Three icons representing data at rest, in transit, and in use.

Adopting a Zero Trust approach throughout the lifecycle of data

Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originates from an uncontrolled network. Regardless of where the request originates or what resource it accesses, Zero ... continue reading

Bringing commercial innovations in chip design to national security

Semiconductors and microelectronics are some of the most important components in building cutting-edge capabilities for our national security and defense technologies, from satellites and radar to vehicles and communications equipment. Ensuring these components are developed with the utmost regard for ... continue reading

Protect against phishing with Attack Simulation Training in Microsoft Defender for Office 365

Sophisticated cyberattacks are on the rise, with email phishing as the most common attack vector. We’ve seen it all over the news with stories like Hafnium that targeted Exchange servers1 or the Nobelium attack against SolarWinds,2 which show just how ... continue reading

The importance of identity and Microsoft Azure Active Directory resilience

I love hearing my colleagues explain how they came to the industry because so many of their stories are unusual. I’m surprised how often I hear that people got into computer science by some fortuitous accident. Although he loved computers ... continue reading
Timeline showing dates, threat actor, and malware payload of ransomware attacks by Iranian threat actors

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

Over the past year, the Microsoft Threat Intelligence Center (MSTIC) has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran. At CyberWarCon 2021, MSTIC analysts presented their analysis of these trends ... continue reading
Open Systems’ MDR integration with Microsoft.

How Open Systems uses Microsoft tools to improve security maturity

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. We’ve all seen it happen—an organization has all the top-notch security tools in place and still, they get breached. In today’s rapidly evolving threat landscape, ... continue reading
Diagram showing how adaptive protection works

AI-driven adaptive protection against human-operated ransomware

In human-operated ransomware attacks, threat actors use predictable methods to enter a device but eventually rely on hands-on-keyboard activities to move inside a network. To fortify our existing cloud-delivered automated protection against complex attacks like human-operated ransomware, we developed a ... continue reading