Select Page
636012d2-c567-4e21-b6c7-d672553c9658

Stay ahead of attacks with Azure Security Center

With massive workforces now remote, the stress of IT admins and security professionals is compounded by the increased pressure to keep everyone productive and connected while combatting evolving threats. Now more than ever, organizations need to reduce costs, keep up ... continue reading

CISO Stressbusters: Post #2: 4 tips for getting the first 6 months right as a new CISO

In your first six months in a new Chief Information Security Officer (CISO) role, you will often be tasked with building a security program. For some of us this is the most exciting part of the job, but it can ... continue reading

Microsoft continues to extend security for all with mobile protection for Android

Just a year ago, we shared our first steps on a journey to enable our customers to protect endpoints running a variety of platforms with our announcement of Microsoft Defender ATP for Mac. Knowing that each of our customers have ... continue reading

Modernizing the security operations center to better secure a remote workforce

The response to COVID-19 has required many security operations centers (SOCs) to rethink how they protect their organizations. With so many employees working remotely, IT groups are routing more traffic directly to cloud apps, rather than through the network. In ... continue reading
Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint

Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint

The increasing pervasiveness of cloud services in today’s work environments, accelerated by a crisis that forced companies around the globe to shift to remote work, is significantly changing how defenders must monitor and protect organizations. Corporate data is spread across ... continue reading
Screenshot of Windows Security notification showing detection of malicious content in non-volatile memory (NVRAM)

UEFI scanner brings Microsoft Defender ATP protection to a new level

Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) is extending its protection capabilities to the firmware level with a new Unified Extensible Firmware Interface (UEFI) scanner. Hardware and firmware-level attacks have continued to rise in recent years, as modern security ... continue reading

SMB Traffic Control

Heya folks, Ned here again. I recently wrote a guest post on the IT Ops Talk blog about increasing security by controlling SMB traffic's ingress, egress, and lateral movement. You'll learn best practices, hands-on steps, and gain a deeper understanding ... continue reading

Stay ahead of multi-cloud attacks with Azure Security Center

The COVID-19 crisis has challenged just about every business on the planet to quickly adapt and transform. With massive workforces now remote, IT administrators and security professionals are under increased pressure to keep these workers connected and productive while combating ... continue reading
Graph showing trend of COVID-19 themed attacks and mapping key events during the outbreak

Exploiting a crisis: How cybercriminals behaved during the outbreak

In the past several months, seemingly conflicting data has been published about cybercriminals taking advantage of the COVID-19 outbreak to attack consumers and enterprises alike. Big numbers can show shifts in attacker behavior and grab headlines. Cybercriminals did indeed adapt ... continue reading
Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation

Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation

In September 2019, MITRE evaluated Microsoft Threat Protection (MTP) and other endpoint security solutions. The ATT&CK evaluation lasted for three days, with a professional red team from MITRE emulating many advanced attack behaviors used by the nation-state threat group known ... continue reading