Select Page
From unstructured data to actionable intelligence: Using machine learning for threat intelligence

From unstructured data to actionable intelligence: Using machine learning for threat intelligence

The security community has become proficient in using indicators of compromise (IoC) feeds for threat intelligence. Automated feeds have simplified the task of extracting and sharing IoCs. However, IoCs like IP addresses, domain names, and file hashes are in the ... continue reading
Pa$$word1.png

Your Pa$$word doesn’t matter

Every week I have at least one conversation with a security decision maker explaining why a lot of the hyperbole about passwords – “never use a password that has ever been seen in a breach,” “use really long passwords”, “passphrases-will-save-us”, ... continue reading
Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack

Dismantling a fileless campaign: Microsoft Defender ATP next-gen protection exposes Astaroth attack

The prevailing perception about fileless threats, among the security industry’s biggest areas of concern today, is that security solutions are helpless against these supposedly invincible threats. Because fileless attacks run the payload directly in memory or leverage legitimate system tools ... continue reading
Image of the Windows Defender Security Center.

Step 9. Protect your OS: top 10 actions to secure your environment

In “Step 9. Protect your OS” of the Top 10 actions to secure your environment blog series, we provide resources to help you configure Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) to defend your Windows, macOS, Linux, iOS, and ... continue reading
Phishing with the Sharks Using the Attack Simulator

Phishing with the Sharks Using the Attack Simulator

First published on TECHNET on Dec 03, 2018Hello, Paul Bergson back again. It is late fall and once again playoff time for High School and Collegiate volleyball. Women's volleyball in Minnesota is a big deal and I have played and ... continue reading
Infographic of the strength of signal offered by the Microsoft Intelligent Security Graph.

Executing on the vision of Microsoft Threat Protection

Over the last several months, we’ve provided regular updates on the rapid progress we’re making with Microsoft Threat Protection, which enables your organization to: Protect your assets with identity-driven security and powerful conditional access policies which ensure your assets are ... continue reading

3 investments Microsoft is making to improve identity management

As a large enterprise with global reach, Microsoft has the same security risks as its customers. We have a distributed, mobile workforce who access corporate resources from external networks. Many individuals struggle to remember complex passwords or reuse one password ... continue reading
Image showing key SOC functions: threat intelligence, incident management, and SOC analysts (tiers 1, 2, and 3).

Lessons learned from the Microsoft SOC—Part 2: Organizing people

In the second post in our series, we focus on the most valuable resource in the security operations center (SOC)—our people. This series is designed to share our approach and experience with operations, so you can use what we learned ... continue reading

Defend your digital landscape with Microsoft 365

What is it about the middle of the night that brings our fears to the surface? For me, it’s the unknown dangers that may confront my young daughter and how I will protect her. Fear of the unknown can also ... continue reading

4 tried-and-true prevention strategies for enterprise-level security

Why is it that dentists advise people over and over to floss, yet so few do it? It only takes a minute of your time, yet if you’re running late or feeling tired, you may be tempted to skip it ... continue reading