Infographic showing maximum detection during attack stages, with Office 365 ATP, Azure AD Identity Protection, and Cloud App Security.

Changing security incident response by utilizing the power of the cloud—DART tools, techniques, and procedures: part 1

This is the first in a blog series discussing the tools, techniques, and procedures that the Microsoft Detection and Response Team (DART) use to investigate cybersecurity incidents at our customer organizations. Today, we introduce the team and give a brief ... continue reading

Replace passwords with a biometric security key

Hi everyone, I am deeply passionate about keeping my customers secure.  We are on a mission to eliminate passwords since they can be easily shared, leaked, or cracked.  Our goal is to replace them with strong authentication methods such as ... continue reading

Azure Sentinel updates: Improve your security operations with innovations from a cloud-native SIEM

Just a month ago, I communicated the details about Azure Sentinel reaching general availability. Since then, many customers have shared how Azure Sentinel has empowered their teams to be nimble and more efficient. ASOS, one of the largest online fashion ... continue reading

Improve security with a Zero Trust access model

Zero Trust is a security model that I believe can begin to turn the tide in the cybersecurity battles. Traditional perimeter-based network security has proved insufficient because it assumes that if a user is inside the corporate perimeter, they can ... continue reading

In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

Our experience in detecting and blocking threats on millions of endpoints tells us that attackers will stop at nothing to circumvent protections. Even one gap in security can be disastrous to an organization. At Microsoft, we don’t stop finding new ... continue reading
Infographic showing the classic SIEM model: Incidents, Alert Queue, Primary Investigation, Pivot and Remediate.

CISO series: Lessons learned from the Microsoft SOC—Part 3a: Choosing SOC tools

The Lessons learned from the Microsoft SOC blog series is designed to share our approach and experience with security operations center (SOC) operations. Our learnings in the series come primarily from Microsoft’s corporate IT security operation team, one of several ... continue reading

Your password doesn’t matter—but MFA does!

Your pa$$word doesn’t matter—Multi-Factor Authentication (MFA) is the best step you can take to protect your accounts. Using anything beyond passwords significantly increases the costs for attackers, which is why the rate of compromise of accounts using any MFA is ... continue reading

All your creds are belong to us!

A few days ago, our team helped someone who had been a target of account takeover (ATO). Despite protecting the account with mandatory two-step verification using SMS and the Authenticator app, attackers had broken into the account and changed the ... continue reading

How to prevent phishing attacks that target your customers with DMARC and Office 365

You already know that email is the number one attack vector for cybercriminals. But what you might not know is that without a standard email security protocol called Domain Message Authentication, Reporting, and Conformance (DMARC), your organization is open to ... continue reading
Animated image showing the number of malware attacks and data breaches organizations face every day. 4,000 daily ransomware attacks. 300,000,000 fraudulent sign-in attempts. 167,000,000 daily malware attacks. 81% of breaches are caused by credential theft. 73% of passwords are duplicates. 50% of employees use apps that aren't approved by the enterprise. 99.9% of attacks can be blocked with multi-factor authentication.

One simple action you can take to prevent 99.9 percent of attacks on your accounts

There are over 300 million fraudulent sign-in attempts to our cloud services every day. Cyberattacks aren’t slowing down, and it’s worth noting that many attacks have been successful without the use of advanced technology. All it takes is one compromised ... continue reading