Infographic of the strength of signal offered by the Microsoft Intelligent Security Graph.

Executing on the vision of Microsoft Threat Protection

Over the last several months, we’ve provided regular updates on the rapid progress we’re making with Microsoft Threat Protection, which enables your organization to: Protect your assets with identity-driven security and powerful conditional access policies which ensure your assets are ...
Image showing key SOC functions: threat intelligence, incident management, and SOC analysts (tiers 1, 2, and 3).

Lessons learned from the Microsoft SOC—Part 2: Organizing people

In the second post in our series, we focus on the most valuable resource in the security operations center (SOC)—our people. This series is designed to share our approach and experience with operations, so you can use what we learned ...

Defend your digital landscape with Microsoft 365

What is it about the middle of the night that brings our fears to the surface? For me, it’s the unknown dangers that may confront my young daughter and how I will protect her. Fear of the unknown can also ...
Image of a table which shows Traditional correlation engines and Fusion technology solutions. Solutions consist of Iterative attack simulation, Probabilistic cloud kill chain, and Advances in graphical methods.

Building the security operations center of tomorrow—better insights with compound detection

In the physical world, humans are fantastic at connecting low quality signals into high quality analysis. Consider speaking with someone in a crowded place. You may not hear every word they say, but because you are fluent in the language ...
Attack chain diagram

Analysis of a targeted attack exploiting the WinRar CVE-2018-20250 vulnerability

In early March, we discovered a cyberattack that used an exploit for CVE-2018-20250, an old WinRar vulnerability disclosed just several weeks prior, and targeted organizations in the satellite and communications industry. A complex attack chain incorporating multiple code execution techniques ...
Step 8. Protect your documents and email: top 10 actions to secure your environment

The “Top 10 actions to secure your environment” series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In “Step 8. Protect your documents and email,” you’ll learn how to deploy Azure Information Protection and ...
tax-related phishing document with malicious macro code

Steer clear of tax scams

In the month of February, we saw an average of 300,000 phishing attempts across Microsoft’s browsing platforms daily. Our security experts expect these attempted scams to become increasingly more prevalent through the April 15 Tax Day, especially in the two ...
Reduce the number of admins on your servers with Just Enough Administration

First published on TECHNET on Aug 29, 2016. Least Privilege: As part of your information security strategy, you are probably familiar with the principle of least privilege. The concept itself is simple -- give your IT staff and end-users ...
Azure AD Mailbag: Discovering and blocking legacy authentication

Hey there, I am Andres Canello from the Azure AD Get-to-Production team. I'm a long time Exchange guy now working on Identity. I am very passionate about helping customers prevent password-based attacks and it is a major topic of concern ...
Be careful of data without context: The case of malware scanning of journaled emails

Recently, we shared details on how effectiveness is measured for Office 365 Exchange Online Protection (EOP) and Advanced Threat Protection (ATP). We also followed up with a comprehensive update on Office 365’s improved ability to stop phishing emails from impacting ...