Select Page

Industry-wide partnership on threat-informed defense improves security for all

MITRE Engenuity’s Center for Threat-Informed Defense has published a library of detailed plans for emulating the threat actor FIN6 (which Microsoft tracks as TAAL), a collection of threat intelligence, MITRE ATT&CK data, supporting scripts, and utilities designed to enable red ... continue reading
Archutecture.JPG

Durham County enhances security across a hybrid environment with Azure AD and F5 BIG-IP APM

Hello! In today’s “Voice of the Customer” blog, Lyvon Garth, CISO, Durham County, Aaron Stone, Assistant Director and members of his team provide details about how they use Azure Active Directory (Azure AD) and F5 BIG-IP APM to apply consistent ... continue reading
AppGuard Policies

Microsoft Defender Application Guard for Office

  Introduction   This is John Barbare and I am a Sr Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. In this blog I will focus on a future release of Microsoft Defender Application Guard for Office available in limited preview for Windows 10 20H2. Windows 10 20H2 is now available for commercial customers to ... continue reading
An image of the management of the lifecycle of a discovered app.

Microsoft Zero Trust deployment guide for your applications

Introduction More likely than not, your organization is in the middle of a digital transformation characterized by increased adoption of cloud apps and increased demand for mobility. In the age of remote work, users expect to be able to connect to any resource, on any device, from ... continue reading
Diagram showing pairs of machine learning models on the endpoint and in the cloud using AMSI to detect malicious scripts

Stopping Active Directory attacks and other post-exploitation behavior with AMSI and machine learning

When attackers successfully breach a target network, their typical next step is to perform reconnaissance of the network, elevate their privileges, and move laterally to reach specific machines or spread as widely as possible. For these activities, attackers often probe ... continue reading

Rethinking IoT/OT Security to Mitigate Cyberthreats

We live in an exciting time. We’re in the midst of the fourth industrial revolution—first steam, followed by electricity, then computers, and, now, the Internet of Things. A few years ago, IoT seemed like a futuristic concept that was on ... continue reading
An image showing the Microsoft "Permissions requested" dialogue.

How can Microsoft Threat Protection help reduce the risk from phishing?

Microsoft Threat Protection can help you reduce the cost of phishing The true cost of a successful phishing campaign may be higher than you think. Although phishing defenses and user education have become common in many organizations, employees still fall ... continue reading
Diagram showing an attack chain involving attack sprawl and techniques like overpass-the-hash

Inside Microsoft Threat Protection: Solving cross-domain security incidents through the power of correlation analytics

In theory, a cyberattack can be disrupted at every phase of the attack chain. In reality, however, defense stack boundaries should overlap in order to be effective. When a threat comes via email, for example, even with good security solutions ... continue reading
Microsoft Endpoint Manager: Create & Audit an ASR Policy

Microsoft Endpoint Manager: Create & Audit an ASR Policy

IntroductionThis is John Barbare and I am a Sr Premier Field Engineer at Microsoft focusing on all things in the Cybersecurity space. In this tutorial I will walk you through the steps of creating an Attack Surface Reduction (ASR) rule ... continue reading

Minimize disruption with cost-effective backup and disaster recovery solutions on Azure

A top of mind concern among our customers is keeping their applications and data workloads running and recoverable in the case of unforeseen events or disasters. For example, COVID-19 has presented daunting challenges for IT, which are only compounded by ... continue reading